Work Schedule: 8am-5:00pm; M-F
Technology Top Skills:
Robert Half is looking for a Cyber and Information Security Analyst in Salinas, California. The Cyber and Information Security Analyst will be leading and implementing various aspects of Cybersecurity, Infrastructure and Application Security for critical enterprise products. To thrive in this role, you should be a natural problem solver and have a strong sense of ownership. Apply for this position today if you think you are a self-confident, motivated person with a strong work ethic and excellent communication skills who enjoys a fast-paced, team-driven environment. Submit your application for this exciting opportunity!
Essential Duties:
-Monitor, review, analyze and document security alerts and reports generated from various
platforms and applications
-Identify threat risks from the reported phishing, malware and virus-related alerts
-Build automation for detecting, preventing and responding to security events
-Perform vulnerability scans; review and track identified vulnerabilities until remediated
Establish and coordinate remediation and mitigation activities for identified security risks
-Incorporate Security check processes into existing and new enterprise systems
-Conduct regular quarterly, semi-annual, and annual application user access reviews to ensure
Company’s regulatory compliance (FFIEC, GLBA, SOX)
-Research, analyze, recommend, design and implement network-based, host-based or cloudbased Information Security solutions
-Design, implement and maintain Security controls that support NIST, FFIEC, SOC2, PCI DSS,
GLBA, SOX frameworks
-Assist with gathering documentation to support internal and external audits
-Act as a Cybersecurity and Information Security SME (Subject Matter Expert) to various
internal teams on emerging threats
Top Requirements
-Bachelor’s degree in Computer Information Science, Engineering, or related field, or suitable
combination of education, experience and training
-5+ years of experience in Information Security, Risk and Compliance management, preferably
in highly regulated industry
-Good understanding of the following compliance/security frameworks: NIST, FFIEC, SOC2, PCI
DSS, GLBA and SOX
-Medium-to-advanced knowledge of subjects such as infrastructure (network, servers, storage)
security design and architecture, endpoint protection, SSO, MDM, BYOD, DLP, IAM,
vulnerability management, penetration testing, intrusion detection, risk management, and
forensics
-Familiar with cloud Security architecture in Microsoft Azure and Office 365
-Working knowledge of Information Security tools (vulnerability management, Nessus, Rapid7,
OpenSSL, NMAP, PAM, SIEM, pen testing, network packet analysis, forensics, etc.) and basic
Scripting
Certifications: CISSP, CISA, CISM, GCIA or other SANS GIAC certifications (either currently active or will be completed within 6-12 months).
**For immediate consideration please apply here and connect with Nadia Jimenez on LinkedIn