Senior Information Security Analyst
hid global
1d ago

Job Title : Senior Information Security Analyst

Department : IT Security

Reports To : Manager- Information Security

Job Description :

This Role is primarily responsible for performing risk assessments, third-party reviews, internal audits, information security control, and system review and design.

The successful candidate should have broad information security and risk experience, a high degree of professionalism, friendly and collaborative demeanor, and have strong verbal, written, and organizational skills.

This position typically reports to the Manager of Information Security

Responsibilities include but not limited to, the following :

  • Research, collect and analyze data to perform risk analysis and remediation
  • Perform reviews of Third Parties to identify risks and potential remediation
  • Generate reports and executive summaries of Third-Party assessments
  • Participate in audit functions and perform control effectiveness reviews
  • Act as part of a team responsible for HID Global security architecture
  • Prepare security reports by collecting, analyzing, and summarizing data and trends
  • Review proposed information systems and related technologies
  • Conduct Information Security Internal audits as per the standard & other requirements
  • such as ISO 27001.

  • Reports on key metrics and findings.
  • Conducts risk assessments on vendors and internal applications.
  • Collaborates with development and other functional areas to address vulnerabilities
  • within systems / applications.

  • Stay abreast of related emerging technologies and threats
  • Other duties as assigned
  • Qualifications

  • Minimum 6-9 years of experience in information security risk and compliance
  • Familiarity with ISO 27001 : 2013, NIST 800 series, NIST CSF, SOC 2, FedRamp and related risk assessment Methodologies
  • Good knowledge of enterprise network and systems architecture concepts and technologies, including but not limited to an enterprise directory, enterprise integration architecture, and Identity & access management
  • Thoroughknowledge and understanding of security risk assessment on all information systems such as people, process, technology, and information processing facilities
  • knowledge on cloud security
  • Prepare risk assessment report and risk treatment plan.
  • Conduct Information security awareness sessions to end users / middle management.
  • Certification such as CISSP / CISA / CISM / CRISC / ISO27001 / AWS Security Cloud Certifications will be an added advantage.
  • Should be a self-starter and lead the risk analysis in assigned areas with minimum supervision.
  • Strong technical and / or management background in technical systems / environments.
  • Strong written and verbal communication skills
  • Ability to develop good working relationships and excellent interpersonal skills
  • Capable of working independently and as part of a team.
  • Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form