Senior Information Security Analyst

Collaborate in defining and implementing strategic security goals by identifying optimal approaches and determining the necessary tools, technologies, tasks, processes, and metrics for execution

· Facilitate the implementation of operational processes and maintain continuous supervision to ensure their effectiveness.

· Recognize, gather, analyze, and respond to relevant operational metrics to enhance overall performance.

· Lead the implementation of strategies and goals in alignment with established metrics, working collaboratively with security personnel, system administrators, stakeholders, and end-users as necessary.

· Perform ongoing oversight of a range of security programs, such as privilege management, hardening and configuration management, vulnerability management, and attack-surface minimization.

· Collaborate internally to expand our ongoing security awareness program that enhances our knowledge and understanding of threats and appropriate security protocols

Requirements

Qualifications:

· Candidate must have at least 4 years of practical experience in Information Security, with relevant technology and infrastructure experience.

· Bachelor’s degree · Need to have, or be willing to obtain, PCI Internal Security Assessor (ISA) certification

· CISSP (preferred)

· CompTIA Security+ Certification (preferred, or equivalent certifications)

Additional Desirable Skills:

· Broad familiarity with a wide variety of security measures, and experience in implementing Defense in Depth solutions that combine technology-centric measures with administrative and other controls.

· Familiarity with the Microsoft security ecosystem.

· Familiarity with Microsoft Azure and related security issues/opportunities

· Familiarity with Secure SDLC issues and best practices (desired)

· Experience in balancing security objectives with ROI considerations

· Ability to understand in-house developed systems and identify risks