Data Security Analyst

Description: The Senior IT Security Analyst is responsible for implementing governance and compliance requirements across business units. This person will work within the IT risk management team and support IT projects and initiatives with members of the Information Technology group and business stakeholders. In this cross functional role, they will work with technical managers, system administrators, application owners, software developers, infrastructure, service delivery, and IT leaders to mitigate and remediate vulnerabilities and manage technology risks across the enterprise. The senior analyst will be leveraged to work with IT teams to design, build, and monitor leading-edge IT configurations to ensure they meet regulatory and IT governance compliance requirements. The senior analyst requires a diversity of knowledge and experience related to operating systems, applications, databases and networking to perform technical IT security risk assessments, IT security monitoring, vulnerability management analysis, risk mitigation actions, and assist with IT disaster recovery and business continuity requirements. Candidate will also work with the enterprise security team on corporate IT security projects and initiatives that address compliance issues and improve our security posture across the enterprise. This calls for a resourceful senior analyst with the ability to interpret complex information and develop solutions to address security concerns in a timely manner. Key Responsibilities: Work closely with other IT team members and end users to provide solutions based on business requirements during all phases of the development and life cycle management process. Lead IT security initiatives and projects with risk management and other IT team members. Complete technical risk assessment for IT projects to ensure they meet compliance requirements. Use of IT security tools for risk management monitoring purpose, compile reports and complete complex security analysis tasks to identify suspicious activities and take appropriate action. Configure monitoring alerts and perform data analysis to identify anomalies and risk mitigation actions. Complete vulnerability management analysis to ensure system, application, and database patches are applied to reduce security risks. Search for and analyze security technology to reduce risks in every information security segment. Research and suggest measures to improve IT related procedures, operations, processes, and systems, specific to information security concerns throughout our business unit Work with business areas and IT staff to update and maintain IT disaster recovery plans (DRP), business impact analysis (BIA), and application recovery documents (ARD). Ensures IT compliance for SOX and Cyber DFARS regulatory requirements, and plays a lead role in support of and successfully passing IT audits. Perform IT security incident response and remediation activities, to include working with the enterprise and other business unit IT security teams, as necessary. Develop and disseminate security awareness and education information to end users and system administrators Develop and maintain documentation related to security processes, systems, procedures, and events. Provide recommendations to mitigate risks through the appropriate use of technical, procedural, and administrative controls in accordance with legal and regulatory compliance standards and established industry best practice Please email Robert.Carter@rht.com directly if you are interested in this position. Job Requirements 6+ years of IT technical, administrative, and network security experience with a knowledge of information security principles. Possess and maintain industry recognized security certifications (i.e., CISSP, Security+, GIAC). Experience with Windows desktop, server O/S, and Active Directory users and groups security configuration. Experience with Linux O/S is preferred Experience monitoring and assessing security threats Understanding of enterprise, network, system/endpoint, and application-level security issues and risks Experience understanding and determining vulnerabilities Responsible for remediation or analysis for identified security incident Understanding of TCP/IP networking Demonstrated experience with vulnerability assessment platforms and tools, antivirus and malware prevention and analysis tools, log management, security event and information systems, and network firewalls Understanding of network, system and application hardening techniques, processes, and standards Must be able to establish and maintain multiple priorities Established ability to learn and contribute quickly Results oriented and fact-based decision making Ability to work independently as well as collaboratively; possesses sound business judgment Good communication and presentation skills - provided by Dice
Analysis, Analyst, AntiVirus, Business Requirements, CISSP, Data Analysis, Database, Development, Disaster Recovery, Linux, Management, Networking, Research, Risk Management, Security, SOX, TCP/IP, Windows

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Cyber Security Analyst Job
Aberdeen, MD SAIC
Sr. Data Exploitation Analyst
Hanover, MD Oceaneering
Network Security Analyst
Welcome, MD ASRC Federal Holding Company
Senior Cyber Security Analyst (FISMA / IT audi...
Rockville, MD CSRA Inc.
IT Network Security Analyst (609-948)
Silver Spring, MD Eagle Bancorp, Inc.