Category: Information Technology
System One is hiring for a IT Security Analyst in the Melbourne, FL area! This is a permanent position with great benefits.
- Responsible for the day to day management of the information security risk management program including maintaining a schedule of ongoing risk assessments, when necessary coordinating the outsourcing of risk assessment tasks and maintaining detailed documents outlining the risk rank for significant departments, processes and systems within the organization.
- Assists in the development of security policies, standards, and procedures. Provides information security guidance and expertise to internal personnel when new systems are being developed.
- Serves as program manager for Vendor Management program including developing and implementing guidelines for vendor RFP process, initial and on-going vendor due diligence including review of annual SSAE18s, contract review process, identifying and managing vendor risk and ensuring regulatory compliance by third party providers.
- Assists with the administration of the information security training programs for all employees including ongoing security awareness training. Assures that all staff understands their responsibilities as they relate to information security and have the knowledge, skills and motivation to fulfill those responsibilities.
- Leverage and partner with Information Technology Resources from both the Network and Application Support areas to review and direct oversight of external and internal vulnerability assessment testing and insuring the adequacy of documented security and administrative operating procedures for all critical systems.
- Ensures adequate incident response procedures are in place to react to security violations within critical systems; Informs management of security incidents, concerns and complaints in a timely manner. Keeps management and security administration personnel current on potential security technology threats. Assists in the investigation of internal security threats or incidents.
- Reviews data use records and compares usernames listed in records with employee authorizations to ensure that all employees who access data files were entitled to do so. Sends employee lists of security authorizations to managers to verify or correct information on an annual basis.
- Monitors changes in local, state and federal regulations and accreditation standards affecting information security, and makes recommendations to the Information Security Officer and other organization leaders on the need for policy changes.
- Reports to the Information Security Officer/Vice President of Operations on the status of information security.
- Knowledge of or ability to quickly learn best practices adopted by such organizations as ISO, FFIEC, NCUA and other that influence the information security program
- Knowledge of information security threats and vulnerabilities and organizations that contain current information on such threats and vulnerabilities
- Knowledge of data security tools including firewalls, authentication schemes, encryption and security monitoring and policy enforcement tools
- A Bachelor’s degree in computer science, programming or a similar field is preferred, plus additional course work gained through industry related or financial institution sponsored courses. Info Sec Certification preferred.
- 3 years’ experience in Information Security or related field. Experience in assessing the security needs of and coordinating all parts of a security program. Experience working in a financial institution is preferred.