Post Job

Information Security Analyst Jobs in Union City, GA

- 236 Jobs
All
Information Security Analyst
Senior Security Analyst
Information Security Manager
Cyber Security Analyst
Securities Analyst
Cyber Security Engineer
Senior Systems Security Engineer
Information Assurance Analyst
  • Security Analyst (information security and vendor risk management)_ Atlanta, GA (W2 /Local)

    Datum Technologies Group 3.5company rating

    Information Security Analyst Job 15 miles from Union City

    Security Analyst (information security and vendor risk management) Contract/ Contract to Hire /Direct Client Atlanta, GA Quals-- Top 5 must have skillsets: Experienced security 3rd party risk analyst who knows general security practices. Conduct applicable due diligence to onboard new vendors into the vendor management system and set appropriate review requirements based on the vendor risk rating and program guidelines. Has worked with 3rd party tools on submitting and receiving security questionnaires, and the ability to assess the responses. Experience speaking with vendors to gain more insights. Ability to handle pressure and urgent requests. Responsible for analyzing the information security environment and assisting with the development of security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure. Work with management, development personnel, risk staff, auditors, facilities, and security department personnel to identify and implement security plans to ensure that all information assets are appropriately safeguarded, including the following:, software applications, hardware, telecommunications, and computer installations. Determine methods of implementing and enforcing security policies. Responsible for maintaining a high level of user trust and confidence in the group's knowledge of and concern for security of systems, while working on multiple network security projects. Essential Responsibilities*: Lead development of information security technology tasks and projects. Ability to communicate with all levels of management. Generate, coordinate, and maintain of project plans. Develops cost analysis estimates for information security tasks and projects. Keep project plans updated as required. Interact with customers as required by project objectives. Understanding of business process as it relates to information security. Define, redesign, and document security processes and procedures. Coordinate the development and delivery of awareness for information security. Work with resource owners to determine appropriate security policies for securable resources. Consult with IT staff to evaluate, select, install, and configure hardware and software systems that provide appropriate security functions. Assist resource owners in understanding and responding to security failures/problems. Assist in determining cause of security related events and identify potential security related events. Communicate to appropriate personnel on normal and exception processing of security authorization requests and/or breaches. Assist with documentation of security policies; maintain resource classification, may be required to present on security status, project status, and security training to management and IT personnel as needed. Assist in proactively protecting the integrity, confidentiality, and availability of information in the custody of or processed by the company. Consult with business units to ensure selection and use of realistic enforcement mechanisms. Aid in review of security policies and auditing of logs. Assist in developing and maintaining effective disaster recovery plans, processes, and procedures. Assist in Research, evaluate, design, test, recommend, and plan implementation of new or improved information security research, evaluate, design, test, recommend, and plan implementation of new or improved information security technology. Train information owners in the implementation of necessary computer security controls. *May perform other duties as assigned. 2-6 years experience required. What you need to succeed (minimum qualifications): · 5 or more years of experience with information technology security programs, audits, controls and/or third-party risk management · Ability to identify and assess IT security controls against Delta policies and standards and Federal/State Regulatory requirements and identify and communicate gaps · Exceptional written and verbal communication skills · Advanced computer skills including Microsoft Office suite and other business-related software programs · Ability to effectively manage time and productivity with competing priorities in a rapidly changing, fast-paced, interactive, results-based team environment · Proven analytical / problem solving skills and ability to work with cross-functional teams · High School diploma, GED or High School Equivalency. · Embraces diverse people, thinking and styles. · Consistently makes safety and security, of self and others, the priority. What will give you a competitive edge (preferred qualifications): · Bachelor's Degree or 5 plus years of relevant experience in Computer Science, Mathematics, Engineering, Information Systems, Management Information Systems or Information Security · Key industry certifications such as CISA, CISM, CISSP, CRISC, etc. · Knowledge of industry standard frameworks such as NIST Cybersecurity Framework, ISO 27001, NIST 800-30, etc. · Familiarity with third party information security attestations/certifications such as SOC I/II reports, ISO, PCI-DSS, SOX. · Comprehensive knowledge of third-party risk concepts, methodologies, governance structures and experience in managing risk and performing vendor risk assessments · Experience across Information Security domains such as governance & compliance, incident response, identity & access management, penetration testing, or e-discovery & forensics · Experience across IT domains such as application development, infrastructure, technical support and operations, cloud technologies and/or continuity of business · Experience with RSA Archer Will wait for your response. Vishnu Singh Email : ****************** Phone : ************
    $67k-99k yearly est. 6d ago
  • Cyber Security Engineer (16925)

    The Baer Group 4.1company rating

    Information Security Analyst Job 15 miles from Union City

    Baer is looking for Cyber Security Engineer for a 6+ month project located in Atlanta, GA Title: Cyber Security Engineer Duration: 6 months Rate: All-Inclusive Alignment: W2 or C2C Description: Collaborate on the development and enforcement of security policies, standards, and procedures. Help design, configure, and operate security tools and solutions; integrate them into existing systems. Conduct thorough risk assessments and vulnerability analyses to identify potential threats. Utilize PowerShell scripting for automation and to reduce the organization's attack surface. Develop and maintain secure APIs for data exchange and system integration. Create and manage Power BI dashboards for tracking security metrics and trends. Analyze logs, network traffic, and other data to detect and resolve security issues. Perform forensic analysis during and after security incidents to determine root causes and impact. Requirements: 3+ years of experience in a cyber security role. Strong understanding of security technologies, network protocols, Windows Server, Linux, firewalls, encryption, and IDS/IPS systems. Experience with Power BI for security data visualization and reporting. Familiarity with security frameworks such as NIST, ISO 27001, and PCI-DSS. Strong analytical and problem-solving skills; ability to interpret system logs and network data. Proficiency in PowerShell scripting for automation. Excellent written and verbal communication skills. Experience with Azure and cloud security best practices. Bachelor's degree in Cyber Security, Information Technology, Computer Science, or a related field. Company Overview: Baer provides best-in-class engagement experiences for our consultants. Our job requirements are carefully vetted and are typically associated with pivotal programs offering tremendous opportunities to expand your skills leveraging the latest solutions. Baer is an equal opportunity employer including disability/veteran. ALL OPEN JOBS
    $89k-120k yearly est. 1d ago
  • Senior Transit System Safety & Security Engineer

    Transit Safety & Security Solutions, Inc.

    Information Security Analyst Job 15 miles from Union City

    Classification Exempt from Overtime Salary Level Mid-Level/Professional $100,000 - $120,000 JOB DESCRIPTION Summary/Objective The Sr. System Safety & Security Engineer (SSSE) reports directly to the System Safety & Security Manager (SSSM). The SSSE is responsible for supporting the implementation and completion of projects within the System Safety & Security (3S) Practice, in strict accordance with client contract requirements, while remaining aligned with the overall strategy, commitments, and goals of the company. Core responsibilities will include database maintenance, field inspections, reviewing design drawings, and conducting project-specific system safety and security activities. Essential Functions Reviews engineering documentation and drawings, and issues comments on civil, architectural, structural, mechanical, electrical, trac,k and communications regarding compliance with safety standards, fire codes, as well as other local building codes Conducts safety engineering reviews of construction/engineering documents, drawings, specifications, and operating procedures to ensure that fire and safety codes, standards, and principles are integrated, and all safety hazards are identified, eliminated, minimized, and/or controlled Participates in the Safety & Security Certification process to ensure compliance with the Safety & Security Certification Plan Monitors and reviews notices distributed via the project's document control system Conducts analyses on various transportation systems (examples: Railcars, Train Control, Communications, etc.) to identify potential safety hazards and ways to mitigate them Develops safety and security design criteria and requirements for technical specifications Reviews accidents worldwide to ensure mitigations from accidents are implemented if there's applicability to the project on which one is working Conducts System Safety Audits of passenger facilities, including transit centers, rail station platforms, and other areas identified in safety analyses Tracks and monitors identified hazards to ensure they are being eliminated Participates in and/or leads safety committees and safety audit teams and develops comprehensive safety reports Records and assigns hazard analysis findings to individual design disciplines, and verifies findings are defined in detail and understood Evaluates and makes sure approaches to technical issues for each hazard address the findings and are thorough and complete Prepares monthly status reports for System Safety, identifying all outstanding action items and the planned approach to accomplishment Develops and/or reviews safety training programs for employees and recommends revisions as needed Implements the requirements of 49 CFR 659 and supports all related activities associated with the State Oversight Agency Program Reviews and comments on project test plans that involve or include System Safety requirements and their verification/validation Develops, maintains, and monitors a Safety Open Item List that entails all the Safety Open Items on the project to completion Participates in all project audits by prime consultant and project quality team Maintains up-to-date System Safety and Security project documents (Management, Certification, and Program Plans) Required Skills and Qualifications Bachelor's degree in a safety or engineering-related field, or equivalent number of years of experience Demonstrated equivalent experience, education, and/or technical credentials may be considered in lieu of a degree A minimum of 10 years of experience in all aspects of CBTC (Communication-Based Train Control) safety programs, including preparing/reviewing hazard analyses, threat/vulnerability analyses, and leading safety reviews. Working knowledge of the Code of Federal Regulations (CFR) Title 49 - Transportation, Transit Safety Institute (TSI) Courses, Federal regulations, requirements, and certifications (FTA, FRA, DOT, OSHA, etc.), and other related knowledge, skills, or qualifications Working knowledge of and the ability to apply proven industry standards such as the IEEE/CENELEC/MIL (Military)/IEC (International Electrotechnical Commission)/NFPA (National Fire Prevention Association). Experience performing various safety analysis techniques, including: preliminary hazards analysis, fault tree analysis - failure modes, effects, and criticality analysis, desired but not required Experience in performing hazard and root cause analyses Experience researching and interpreting the American with Disabilities Act (ADA), National Fire Protection Association (NFPA) codes, Occupational Safety and Health Administration (OSHA) standards, American National Standards Institute (ANSI), and other safety-related national and local building, fire, and life safety codes and standards Familiarity with developing work rules and Standard Operating Procedures governing rail vehicles Must have a working knowledge or the ability to learn the physical and operating characteristics of passenger vehicles and facilities Must possess a working knowledge of accepted techniques for data evaluation, mathematical analyses, and statistical development Required to possess the knowledge and skills necessary to operate personal computer systems to develop and maintain business applications using standard software such as Windows, MS Word, Access, Excel and PowerPoint Required to possess demonstrable skills necessary to effectively present statistical information in various computer-generated reports, including graphs and charts Must possess a temperament suitable to effectively relate to all levels of personnel, clients, external business contacts and the general public Must possess the skills necessary to express oneself orally and in written format in a clear, concise and comprehensible manner Valid motor vehicle operator's license Must pass employment verification, verification of eligibility to work in the U.S., and criminal history background check Preferred Skills and Qualifications 10 years of experience in all aspects of CBTC safety programs, including preparing/reviewing hazard analyses, threat/vulnerability analyses, and leading safety reviews. A valid Professional Engineer (PE) license registered in the State of Georgia. Experience in reviewing developed technical designs, plans, functional/performance requirements, specifications, interfaces, test procedures, and other documentation for Signal, CBTC, and other Advanced Train Control Systems. Working knowledge of and the ability to apply proven industry standards such as the IEEE/CENELEC/MIL (Military)/IEC (International Electrotechnical Commission)/NFPA (National Fire Prevention Association). Support CBTC project execution by coordinating safety activities with the Project Manager, Systems Engineers, ISA, Contractor, and Customers, including ensuring that vital documents (hazard analyses, fault tree analyses, safety cases, etc) Board of Certified Safety Professionals (BCSP) Certification(s) - Associate Safety Professional (ASP) and/or Certified Safety Professional (CSP) World Safety Organization (WSO) Certification(s) - Certified Safety & Security Specialist (WSO-CSS) or Certified Safety & Security Director (WSO-CSSD) Transportation Safety Institute (TSI) Transit Safety and Security Program (TSSP) Certificate Project Management Institute (PMI) Certification(s) - Project Management Professional (PMP) American Public Transportation Association (APTA) - Active Membership and Committees Working knowledge or the ability to learn 49 CFR Part 238, Passenger Equipment Safety Standards, Railroad Operating Rules and Safety Rules Knowledge of the National Incident Management System (NIMS) Supervisory Responsibility This position does not have supervisory responsibility. Position Type and Expected Hours of Work This is a full-time position requiring 40+ hours per week. Typical hours of work are Monday through Friday, though some weekend activity may be required. This position may maintain a flexible work schedule but must satisfy project requirements first. Travel Out-of-the-area and overnight travel is to be expected for non-local residents. This position will require on-site presence at the project site every week, Monday through Friday. For non-local residents, TSSS provides corporate housing at no cost while on-site. TSSS also covers the cost of employee travel bi-monthly (twice a month) through utilization of a corporate AMEX. Employees may travel home more frequently at their own expense.
    $100k-120k yearly 6d ago
  • Information Security Analyst - IV

    Amnet Services

    Information Security Analyst Job 37 miles from Union City

    America Networks is a leading sensor and networking solutions partner for companies in any Industrial, Manufacturing, and Waste management space. We design and manufacture sensors for storage tanks, water metering, energy metering, gas monitoring, and asset management. Our founders are hardcore telecommunications engineers with combined 200 + years of experience in designing, optimizing and performance engineering; for several mid - large wireless carriers internationally - that saw a need to provide low power, cost efficient sensors to collect data, create alerts, and predict needed actions. We have combined these sensors with low power, wide area (LPWA) networking technologies to provide clients various options to decrease re-occurring costs associated with operating an IoT network of sensors and connected devices. We specialize in design, deployment, optimization, and support of these Networks. Whether an off-the-shelf or custom solution is needed, we'll create a solution and push the data on the best cloud platform to fit your needs, including your own. Job Description The responsibility of this position includes data protection, logging and monitoring for data security of our Big Data and Enterprise Data Warehouse platforms. Tools will be used to classify column level data according to confidentiality categories. This position will also be responsible for development and deployment of advanced data science algorithms to automatically detect and alert data usage anomalies. Encryption, tokenization, data masking, etc. will be applied to data according to confidentiality levels. • B.S. or equivalent work experience • 6+ years in related discipline • Experience with all phases of the Software Development Lifecycle, including system analysis, design, coding, testing, debugging and documentation • Teamwork & collaboration skills to work across organizations and lead cross-functional teams • Communication & stakeholder management skills • Problem solving skills to develop quick yet sound solutions to resolve complex issues • Programming Language(s): KSH, JAVA • Software: SHA 256, MD5, SSH, SSL, TLS, Teradata Tools and Utilities (BTEQ, MLoad, FastExport, FastLoad, TPT, TDCH, Query Grid, etc.), Hortonworks Hadoop software (Sqoop, HIVE, HBASE, SPARK, KAFKA, Kyvos, Ranger, Knox, Kerebos, etc.), Informatica software (Secure@Source, TDM, DDM, PowerCenter, BDM, EIC, IDL, IDQ, IIS, etc.), Aster, Tableau, Cognos, Qlik and other BI tools.. AWS cloud security for Hadoop/Teradata and HPE Voltage. Demonstrated excellent teamwork and also ability to work independently with minimal supervision. Expert knowledge of the wireless industry and data management activities. Must have Hadoop and cloud security expertise with usage logging, monitoring, tokenization/encryption, access controls, and analysis. Additional Information Vivek Salvatore vivek.salvatore(@)americanetworks.com ( *************
    $72k-102k yearly est. 7d ago
  • Cyber Security Analyst

    Uptime365

    Information Security Analyst Job 15 miles from Union City

    Role Value Proposition: The Incident Response Analyst will be a member of UpTime365's Global Cyber Incident Response Team. In this role, an analyst will use cutting edge tools and solutions, and collaborate with global team members across the organization to perform cyber incident response and protect UpTime365's partners against cyber threats. Key Responsibilities: Response to cyber security events and incidents by analyzing forensic data, logs, and threat intel to validate security threats, assess impact, determine root cause, and help coordinate remediation actions. Maintain awareness of emerging threats. Willingness and self-motiviation to learn and take advantage of all training opportunities provided. Perform proactive threat hunting to identify potential threats to UpTime365 and its partners. Partner with global incident response teams to coordinate global incident response. Eventual participation on a rotating on-call roster for off hour escalations. Requirements Essential Business Experience and Technical Skills: A bachelor's degree in cyber security or computer science, or 2-4 years of combined IT and Cyber Security related work experience. 1-3 years of experience analyzing logs (e.g. endpoint, network, identity), performing data correlation, and using SIEM or log management tools. Basic understanding of the Windows operating system and command line tools, network fundamentals, and cyber security concepts and frameworks. Scripting experience for analysis and automation of repeatable processes. Security specific certifications from SANS and other industry recognized organizations are desirable. Benefits Dental insurance Medical insurance Vision insurance 401K Paid vacation and sick leave Tuition fee reimbursement Students loan assistance
    $75k-102k yearly est. 60d+ ago
  • Prin. Analyst, Cyber Security

    Smurfit Westrock

    Information Security Analyst Job 15 miles from Union City

    Our technology organization is transforming how we work at Smurfit Westrock. We align with our businesses to deliver innovative solutions that: * Address specific business challenges, integrate processes, and create great experiences * Connect our work to shared goals that propel Smurfit Westrock forward in the Digital Age * Imagine how technology can advance the way we work by using disruptive technology We are looking for forward thinking technologists that can accelerate our focus areas such as building stronger foundational technology capabilities, reducing complexity, employing digital transformation concepts, and leveraging disruptive technology. Location and/or Business/Division Details (if applicable) Title Principal Security Architecture, Atlanta, Georgia Position Summary: The opportunity: A Principal Security Architect plays a critical role in designing, implementing, and overseeing security strategies for enterprise environments. Responsibilities include: * Security Framework Design-establishing security architectures that align with business objectives and regulatory requirements. * Risk assessment and Mitigation-identifying vulnerabilities and developing risk mitigation standards * Enterprise security governance-Defining security policies, standards, and best practices. * Technology Selection and Implementation-evaluating and deploying security technologies such as SIEM, encryption, and identity management * Threat Modeling -Anticipate attack vectors and collaborating with the rest of IT organization * Security Analysis and advisory to the business How you will impact Smurfit Westrock: * Demonstrate a deep knowledge of all security domains. * Actively engage and lead strategic engagements with regards to both technical and business values. * Lead technical presentations with key stakeholders. * Active contributor to the internal Cloud Architecture Review Board (CARB)by participating in calls, publishing reference architectures, and creating decks and other reusable assets for technical topics. * Build relationships and establish key internal partnerships. * Monitor industry trends and recognize opportunities for new and emerging technologies. * Translate business requirements into well-architected solutions. * Document technical solutions that are aligned with critical business objectives. What you need to succeed: MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES Primary Responsibilities / Tasks: * Promotes security and privacy as a business enabler through effective partnership with product, strategy and engineering teams. * Works closely with project teams to fully understand business priorities and strategy. * Reviews solution designs and identifies opportunities for security integration. * Assigns risk-based security and privacy requirements to project teams. * Ensures solutions are secure through participation in all phases of the lifecycle, from requirements gathering to design, then implementation, followed by validation. * Works with project teams to identify and mitigate security and privacy risks. * Leads cost-risk tradeoff discussions with the project teams, helping to decide how important and at what increased cost each security requirement can be justifiably implemented. * Documents status of projects assigned security and privacy requirements including risks and exceptions. * Influences product selection and negotiates security and privacy requirements with teams and vendors. * Identifies security trends and relates to current and future needs of project teams as well as security and privacy standards. * Establishes functional goals for improving security and privacy operations and then initiates and drives team members toward achieving those goals. Delivery & Execution: * Drives configuration, debugging, and support for infrastructure * Drives field and corporate rollouts of security solutions * Drives the stand up of necessary system software, hardware, and equipment (physical or virtual) to meet changing infrastructure needs Support & Enablement: * Collaborates with product and project teams to understand needs and enable them with infrastructure * Supports technology architecture design review efforts for project and product teams * Leverages tooling and custom applications to monitor the operational status of applications, infrastructure, networks, databases, and security; optimizes and tunes performance as appropriate * Drives root cause analysis, debugging, support, and post-mortem analysis for security incidents and service interruptions * Maintains, upgrades, and supports existing systems and infrastructure to ensure operational stability * Opens and manages vendor problem tickets to resolution * Drives the production of in-house documentation around solutions * Monitors tools and proactively help teams struggling with systems issues * Provides application support for software running in production * Creates scripts and tools that drive automation and enables product teams and end users to move towards self service Learning: * Keeps abreast of innovations and industry trends as well as changes to internal systems and determines how they impact tools, training, and support necessary to keep systems up, running, and secure * Participates in and contributes to learning activities around modern systems engineering core practices (communities of practice) * Proactively view articles, tutorials, and videos to learn about new technologies and best practices being used within other technological organizations * Bachelor's Degree or in related field of study, including any of the following but not limited to: Information Systems, Network Engineering, or Information Security. * Certifications in related field, including any of the following but not limited to: CISSP, AWS Certification, Agile Certification. * Exposure to design pattern and application architecture * Ability to interpret additional computer languages and learn new ones as needed Minimum: * 5+ years of experience working in security architecture, operations, design, or development. * Strong experience across multiple security domains related to Data Protection, IT Risk, Network Security, Application Security, Security Operations, and Identity and Access Management. * Working knowledge of encryption concepts and implementation methods. * Working knowledge of remote access technologies and implementation best practices. * Knowledge of security operations including change management, incident management, configuration management, and vulnerability management. * Ability to manage multiple engagements and prioritize workload. * Expert level understanding of identity management and lifecycle, privileged access, access governance, contextual access, authorization, authentication and next generation authentication signals, access delegation, directory services, certificate lifecycle management, immutable vs mutable identifiers, and interoperability between the components * Experience with identity standards and protocols including SAML, OAuth, OIDC, SCIM * Experience with best-practice and implementation frameworks for zero trust, SSO, MFA, adaptive and risk-based authentication, ephemeral credentials, secrets management, role/attribute/policy-based access controls, and cloud native identity and access solutions * Experience implementing and integrating with enterprise-grade systems that are highly scalable, performant, reliable, and secure in global environments * Experience with published standards, guidance, best practices, profiles, and frameworks related to IAM and cyber security and practical implementation in an enterprise (NIST, ISO, SANS CIS Critical Security Controls) * Experience with at least one of the major cloud providers (AWS, Azure, GCP), cloud-native architecture, data security and integration services * Strong problem-solving skills. * Strong oral and written communication skills. Preferred: * BS/BA in a related discipline (i.e., Computer Science, Information Systems, Engineering, Business, etc.); and/or 5 years of experience in related field. * At least one relevant industry certification - CISSP, CISM, CISA, etc. * Knowledge of IT and security frameworks, such as NIST or CIS. * Experience with public cloud security architecture and solutions. * Experience with container security architecture and solutions. * Experience with integrating security with agile development teams. What we offer: * Corporate culture based on integrity, respect, accountability and excellence * Comprehensive training with numerous learning and development opportunities * An attractive salary reflecting skills, competencies and potential * A career with a global packaging company where Sustainability, Safety and Inclusion are business drivers and foundational elements of the daily work.
    $75k-102k yearly est. 7d ago
  • Information Security Specialist - VSRP

    Global Payment Holding Company

    Information Security Analyst Job 15 miles from Union City

    Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services. Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results. We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions. Join our dynamic team and make your mark on the payments technology landscape of tomorrow. Summary of This Role Ensures the security posture of Global Payments through the security assessment, risk ranking, and continuous monitoring of critical vendor relationships. In this role you will help define efficient vendor assessment processes, identify and nurture partnerships both internal and external, and help coordinate vendor assessment activities. You will work closely with the Vendor Management Program Office (VMPO), Legal, Compliance, and Operations to provide cybersecurity expertise at vendor onboarding and throughout the vendor lifecycle. What Part Will You Play? Serves as a subject matter expert for the assessment of vendors and recommendations for risk treatment of identified gaps. Performs vendor security assessments. Coaches team members on the vendor assessment process and helps guide them through challenges as needed. Maintains and authors process documentation as required for existing processes or to define new processes to be implemented. Engages in special projects as required to deliver writeups, reports, or assessment summaries. Keeps up-to-date knowledge of new and emerging threats that can affect the organization's information assets by analyzing third party vendors and their respective infrastructure, policies, and best practices. Coordinate with relevant departments to help ensure the information in the Third-party Risk Management (TPRM) tool remains current and up to date. Respond to and process Threat intel alerts received from the TPRM tool through to resolution. Manages communication from the Vendor Security Risk Program (VSRP) to our internal partners in the event of a vendor incident. Assesses risks based on changes to implementation of NIST (National Institute of Standards and Technology, ISO (International Organization for Standardization)/BSO (Business Services Online); enhances knowledge of PCI (Payment Card Industry)/Logical Security guidelines and models, HIPPA (Health Insurance Portability and Accountability Act), PII (Personally Identifiable Information) , and Card personalization. Enhances understanding of business objectives and helps provide direction based on risk, Corporate Security Policy, and association and regulatory guidelines. Other duties as assigned. What Are We Looking For in This Role? Minimum Qualifications Bachelor's Degree Relevant Experience or Degree in: Bachelor's degree in Computer Science, Info Security, or related field Minimum 6 Years Relevant Experience A proven track record of success assessing and monitoring the security posture of vendors. Including network operations or engineering or system administration on Unix, Linux, MAC(Message Authentication Code), or Windows; proven experience working with security operations, intrusion detection systems, Security Incident Even Management systems, and anti-virus collection logs; including knowledge of industry standard security compliance programs ((PCI(Payment Card Industry), SOX(Sarbanes-Oxley) , GLBA(Gramm Leach Bliley Act)), etc.). Knowledge of industry standard security compliance programs ((PCI(Payment Card Industry), SOX(Sarbanes-Oxley) , GLBA(Gramm Leach Bliley Act), etc.) Preferred Qualifications Professional certifications CISSP (Certified Information System Security Professional), CISM (Certified Information Security Manager) , CISA (Certified-Information-Systems-Auditor), GSEC (GIAC Security Essentials , Network +, Security + What Are Our Desired Skills and Capabilities? Soft Skills/Intrapersonal Skills - Exceptional verbal and written communication skills. Ability to positively influence to effect change within the organization. Ability to work within a team of exceptionally skilled individual contributors. Skills / Knowledge - Having wide-ranging experience, uses professional concepts and company objectives to resolve complex issues in creative and effective ways. Job Complexity - Works on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors. Exercises judgment in selecting methods, techniques and evaluation criteria for obtaining results. Networks with key contacts outside their own area of expertise. Supervision - Determines methods and procedures on new assignments and may coordinate activities of other personnel (Team Lead). Risk Assessment - Ability to identify, communicate, and mitigate vendor security risk. Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them. Incident Response - Knowledge and skills to contribute to all phases of Incident Response. Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. If you wish to request reasonable accommodations related to applying for employment or provide feedback about the accessibility of this website, please contact ******************.
    $72k-102k yearly est. 9d ago
  • Sr Security and Threat Monitoring Analyst

    Ultimate Kronos Group

    Information Security Analyst Job 15 miles from Union City

    With 80,000 customers across 150 countries, UKG is the largest U.S.-based private software company in the world. And we're only getting started. Ready to bring your bold ideas and collaborative mindset to an organization that still has so much more to build and achieve? Read on. At UKG, you get more than just a job. You get to work with purpose. Our team of U Krewers are on a mission to inspire every organization to become a great place to work through our award-winning HR technology built for all. Here, we know that you're more than your work. That's why our benefits help you thrive personally and professionally, from wellness programs and tuition reimbursement to U Choose - a customizable expense reimbursement program that can be used for more than 200+ needs that best suit you and your family, from student loan repayment, to childcare, to pet insurance. Our inclusive culture, active and engaged employee resource groups, and caring leaders value every voice and support you in doing the best work of your career. If you're passionate about our purpose - people -then we can't wait to support whatever gives you purpose. We're united by purpose, inspired by you. About the Team As a Senior Security and Threat Monitoring Analyst, you will be part of UKG's Global Security Operations Center (GSOC) team investigating events of interest and incidents within UKG's FedRAMP authorized computing environments. About the Role You will facilitate and follow UKG's standard processes to investigate, contain, eradicate, and respond in a continued and unified effort to protect the confidentiality, integrity, and availability of UKG, our partners' and customers' data and services. You will be an escalation point for all incidents, analyzing, confirming, re-prioritizing if necessary and remediating those identified threats within the UKG FedRAMP authorized computing environments. You will leverage your skills, experience, and creativity to perform initial, forensically sound collection and analysis, methodologies to contain, eradicate, and recover from realized threats such as zero-day, ransomware, malware and other APT's. Additionally, you will be responsible for participating in incident response activities as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL), providing strong technical and environmental knowledge during the incident. You will lead efforts, post incident, in reporting and continuous improvement recommendations to enhance UKG's security posture through process development, tool rationalization, detection technique and automation enhancement opportunities and enablement/training possibilities. Due to the nature of the work, you are required to have occasional on-call duties on weekends and/or holidays. Additional work hours may also be required during an incident investigation. Responsibilities: * Review tickets escalated from junior analysts to confirm the priority, category and accuracy of the details and conditions. * Pivot to additional security tools to obtain and ascertain context or information and any other pertinent information to inform on the most effective and efficient mitigation/remediation actions. * Escalate tickets as required to GSOC Director for additional scrutiny and incident declaration. * Collaborate with UKG internal and external groups to develop and execute containment, eradication, and recovery strategies for lower priority incidents. * Identify, approve, and implement blocking, listing and other mechanisms to promote a robust security posture. * Participate in the Cyber Incident Response Plan (CIRP) process as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL) to lead and/or support mitigating and/or remediating critical incidents. * Participate in post-incident activities including coordinating and providing input within the requisite reports and identifying areas for continuous improvements within the GSOC enablement, processes or technology. * Provide mentoring and enablement of junior analysts globally to expand and extend UKG's GSOC capabilities and experiential capacities. Basic Qualifications: * Working professional with 4-6 years of relevant Security/SOC experience * 4-6 years of experience with common attack vectors on the network layer, different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks). * 4-6 years of experience with cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored) and cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). * Working knowledge of FedRAMP requirements, processes and procedures * Bachelor's degree in computer science or a related discipline * CISSP, CCSP, GIAC or other relevant cyber security certifications Preferred Qualifications: * Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). * Knowledge of cybersecurity, incident response methodologies, privacy principles, cyber threats, vulnerabilities, and detection methodologies and techniques for detecting intrusions. * Experience with Splunk, ServiceNow SIR, EDR solutions, email security tools, and cloud environments (GCP, Azure). * Knowledge and experience in reverse engineering to understand how an information asset works and analyzing system components to identify potential vulnerabilities. * Knowledge and experience in developing automations using scripting languages like Python and PowerShell to automate various tasks and improve accuracy, enhance task consistency, and increase scalability. * Knowledge and experience in conducting and participating in security audits and assessments. * Understanding and experience in developing and delivering relevant and value-add operational metrics to support and provide visibility into the GSOC program. * Knowledge of new and emerging cybersecurity technologies, threats, and threat vectors. * Knowledge and experience in designing, executing, and reporting threat hunting activities. * Knowledge and experience around offensive security (ethical hacking) techniques to identify and mitigate/remediate vulnerabilities in the UKG environment. * Knowledge and experience in cyber forensic procedures and how to extract information and generate reports in support of incident response and other advanced requirements. Where we're going UKG is on the cusp of something truly special. Worldwide, we already hold the #1 market share position for workforce management and the #2 position for human capital management. Tens of millions of frontline workers start and end their days with our software, with billions of shifts managed annually through UKG solutions today. Yet it's our AI-powered product portfolio designed to support customers of all sizes, industries, and geographies that will propel us into an even brighter tomorrow! Equal Opportunity Employer UKG is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, disability, religion, sex, age, national origin, veteran status, genetic information, and other legally protected categories. View The EEO Know Your Rights poster UKG participates in E-Verify. View the E-Verify posters here. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. The pay range for this position is $99,800.00 to $143,450.00 USD, however, base pay offered may vary depending on skills, experience, job-related knowledge and location. This position is also eligible for a short-term incentive and a long-term incentive as part of total compensation. Information about UKG's comprehensive benefits can be reviewed on our careers site at ***************************
    $99.8k-143.5k yearly 30d ago
  • Sr Security and Threat Monitoring Analyst

    UKG (Ultimate Kronos Group

    Information Security Analyst Job 15 miles from Union City

    With 80,000 customers across 150 countries, UKG is the largest U.S.-based private software company in the world. And we're only getting started. Ready to bring your bold ideas and collaborative mindset to an organization that still has so much more to build and achieve? Read on. At UKG, you get more than just a job. You get to work with purpose. Our team of U Krewers are on a mission to inspire every organization to become a great place to work through our award-winning HR technology built for all. Here, we know that you're more than your work. That's why our benefits help you thrive personally and professionally, from wellness programs and tuition reimbursement to U Choose - a customizable expense reimbursement program that can be used for more than 200+ needs that best suit you and your family, from student loan repayment, to childcare, to pet insurance. Our inclusive culture, active and engaged employee resource groups, and caring leaders value every voice and support you in doing the best work of your career. If you're passionate about our purpose - people -then we can't wait to support whatever gives you purpose. We're united by purpose, inspired by you. **About the Team** As a Senior Security and Threat Monitoring Analyst, you will be part of UKG's Global Security Operations Center (GSOC) team investigating events of interest and incidents within UKG's FedRAMP authorized computing environments. **About the Role** You will facilitate and follow UKG's standard processes to investigate, contain, eradicate, and respond in a continued and unified effort to protect the confidentiality, integrity, and availability of UKG, our partners' and customers' data and services. You will be an escalation point for all incidents, analyzing, confirming, re-prioritizing if necessary and remediating those identified threats within the UKG FedRAMP authorized computing environments. You will leverage your skills, experience, and creativity to perform initial, forensically sound collection and analysis, methodologies to contain, eradicate, and recover from realized threats such as zero-day, ransomware, malware and other APT's. Additionally, you will be responsible for participating in incident response activities as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL), providing strong technical and environmental knowledge during the incident. You will lead efforts, post incident, in reporting and continuous improvement recommendations to enhance UKG's security posture through process development, tool rationalization, detection technique and automation enhancement opportunities and enablement/training possibilities. Due to the nature of the work, you are required to have occasional on-call duties on weekends and/or holidays. Additional work hours may also be required during an incident investigation. **Responsibilities:** - Review tickets escalated from junior analysts to confirm the priority, category and accuracy of the details and conditions. - Pivot to additional security tools to obtain and ascertain context or information and any other pertinent information to inform on the most effective and efficient mitigation/remediation actions. - Escalate tickets as required to GSOC Director for additional scrutiny and incident declaration. - Collaborate with UKG internal and external groups to develop and execute containment, eradication, and recovery strategies for lower priority incidents. - Identify, approve, and implement blocking, listing and other mechanisms to promote a robust security posture. - Participate in the Cyber Incident Response Plan (CIRP) process as part of the Cyber Incident Response Team (CIRT) or as the Cyber Incident Response Lead (CIRL) to lead and/or support mitigating and/or remediating critical incidents. - Participate in post-incident activities including coordinating and providing input within the requisite reports and identifying areas for continuous improvements within the GSOC enablement, processes or technology. - Provide mentoring and enablement of junior analysts globally to expand and extend UKG's GSOC capabilities and experiential capacities. **Basic Qualifications:** - Working professional with 4-6 years of relevant Security/SOC experience - 4-6 years of experience with common attack vectors on the network layer, different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks). - 4-6 years of experience with cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored) and cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). - Working knowledge of FedRAMP requirements, processes and procedures - Bachelor's degree in computer science or a related discipline - CISSP, CCSP, GIAC or other relevant cyber security certifications **Preferred Qualifications:** - Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code). - Knowledge of cybersecurity, incident response methodologies, privacy principles, cyber threats, vulnerabilities, and detection methodologies and techniques for detecting intrusions. - Experience with Splunk, ServiceNow SIR, EDR solutions, email security tools, and cloud environments (GCP, Azure). - Knowledge and experience in reverse engineering to understand how an information asset works and analyzing system components to identify potential vulnerabilities. - Knowledge and experience in developing automations using scripting languages like Python and PowerShell to automate various tasks and improve accuracy, enhance task consistency, and increase scalability. - Knowledge and experience in conducting and participating in security audits and assessments. - Understanding and experience in developing and delivering relevant and value-add operational metrics to support and provide visibility into the GSOC program. - Knowledge of new and emerging cybersecurity technologies, threats, and threat vectors. - Knowledge and experience in designing, executing, and reporting threat hunting activities. - Knowledge and experience around offensive security (ethical hacking) techniques to identify and mitigate/remediate vulnerabilities in the UKG environment. - Knowledge and experience in cyber forensic procedures and how to extract information and generate reports in support of incident response and other advanced requirements. **Where we're going** UKG is on the cusp of something truly special. Worldwide, we already hold the #1 market share position for workforce management and the #2 position for human capital management. Tens of millions of frontline workers start and end their days with our software, with billions of shifts managed annually through UKG solutions today. Yet it's our AI-powered product portfolio designed to support customers of all sizes, industries, and geographies that will propel us into an even brighter tomorrow! Equal Opportunity Employer UKG is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, disability, religion, sex, age, national origin, veteran status, genetic information, and other legally protected categories. View The EEO Know Your Rights poster (https:****************************************************************************************** UKG participates in E-Verify. View the E-Verify posters here (https:************************************************************************************ . It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. The pay range for this position is $99,800.00 to $143,450.00 USD, however, base pay offered may vary depending on skills, experience, job-related knowledge and location. This position is also eligible for a short-term incentive and a long-term incentive as part of total compensation. Information about UKG's comprehensive benefits can be reviewed on our careers site at https:******************* (https:*******************) It is the policy of Ultimate Software to promote and assure equal employment opportunity for all current and prospective Peeps without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status entitled to protection under federal, state, or local anti-discrimination laws. This policy governs all matters related to recruitment, advertising, and initial selection of employment. It shall also apply to all other aspects of employment, including, but not limited to, compensation, promotion, demotion, transfer, lay-offs, terminations, leave of absence, and training opportunities.
    $99.8k-143.5k yearly 29d ago
  • Security Analyst Senior

    Carebridge 3.8company rating

    Information Security Analyst Job 15 miles from Union City

    Location: Ideal candidates will be able to report to our Pulse Point location at 740 W. Peachtree St NW, Atlanta, GA 30308 Work Hours: Monday to Friday, 8:00 am to 5:00 pm The Security Analyst Senior coordinates and prepares the security scanning for database technologies to identify potential vulnerabilities in compliance with policy and best practice. How you will make an impact: * Work with database subject matter experts to understand database infrastructure, identify database technologies, and establish routine scanning to ensure compliance with company policy. * Represent infrastructure security support in significant projects and perform the most complex operations and administration tasks. * Oversee and serve as the technical escalation of results of preventative maintenance. * Design and analyze vendor services meeting business and information security requirements and maintain vendor relationships. * Certify that recently created databases and/or migrated databases from previous instance are scanned within enterprise service level agreement (SLA) timeline. * Document standard operating procedures (SOP), maintain and update runbook. * Report monthly certified databases, number of scans, report on the business-critical databases to enterprise. * Validate report data to ensure accuracy. * Create process flows and metrics for internal review. * Run vulnerability scans on databases before releasing to production to eliminate potential vulnerabilities and validate proper controls are in place. * Administer vulnerability and secure configuration scanning for databases and servers on premise and in the cloud. * Analyze vulnerabilities with available exploits to identify opportunities to mitigate or remediate vulnerability exposure on impacted systems. * Administer vulnerability risk assessment methodology based on Common Vulnerability Scoring System (CVSS) utilizing Qualys, Guardium and Prisma vulnerability assessment technologies. * Communicate with system owners to help support remediation of identified vulnerabilities. Minimum Requirements: Bachelor's degree in Information Systems, Computer Science, or a related field. Additional Requirements: * Three (3) years of experience working in related occupation(s). * Three (3) years of experience must include: * Three (3) years of experience with administration of database vulnerability management assessment tools. * Three (3) years of experience with performance of vulnerability assessment utilizing the Common Vulnerability Scoring System (CVSS). * Three (3) years of experience in administration of database technologies, including SQL, Oracle, and DB2. * Three (3) years of experience operating and administering infrastructure or applications with Cloud environments. * Three (3) years of experience executing activities in alignment with compliance and contractual requirements, AICPA SOC 2, Payment Card Industry Data Security Standard (PCI-DSS) and HiTrust. Alternate Education/Experience Requirements: * Employer will accept a Master's degree in Information Systems, Computer Science or a related field plus 1 year of related experience. * Must have skills listed above. SALARY: $130,105.16 per year APPLY: ********************************** Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.
    $130.1k yearly 3d ago
  • Security Analyst Senior

    Paragoncommunity

    Information Security Analyst Job 15 miles from Union City

    Location: Ideal candidates will be able to report to our Pulse Point location at 740 W. Peachtree St NW, Atlanta, GA 30308 Work Hours: Monday to Friday, 8:00 am to 5:00 pm The Security Analyst Senior coordinates and prepares the security scanning for database technologies to identify potential vulnerabilities in compliance with policy and best practice. How you will make an impact: Work with database subject matter experts to understand database infrastructure, identify database technologies, and establish routine scanning to ensure compliance with company policy. Represent infrastructure security support in significant projects and perform the most complex operations and administration tasks. Oversee and serve as the technical escalation of results of preventative maintenance. Design and analyze vendor services meeting business and information security requirements and maintain vendor relationships. Certify that recently created databases and/or migrated databases from previous instance are scanned within enterprise service level agreement (SLA) timeline. Document standard operating procedures (SOP), maintain and update runbook. Report monthly certified databases, number of scans, report on the business-critical databases to enterprise. Validate report data to ensure accuracy. Create process flows and metrics for internal review. Run vulnerability scans on databases before releasing to production to eliminate potential vulnerabilities and validate proper controls are in place. Administer vulnerability and secure configuration scanning for databases and servers on premise and in the cloud. Analyze vulnerabilities with available exploits to identify opportunities to mitigate or remediate vulnerability exposure on impacted systems. Administer vulnerability risk assessment methodology based on Common Vulnerability Scoring System (CVSS) utilizing Qualys, Guardium and Prisma vulnerability assessment technologies. Communicate with system owners to help support remediation of identified vulnerabilities. Minimum Requirements: Bachelor's degree in Information Systems, Computer Science, or a related field. Additional Requirements: Three (3) years of experience working in related occupation(s). Three (3) years of experience must include: Three (3) years of experience with administration of database vulnerability management assessment tools. Three (3) years of experience with performance of vulnerability assessment utilizing the Common Vulnerability Scoring System (CVSS). Three (3) years of experience in administration of database technologies, including SQL, Oracle, and DB2. Three (3) years of experience operating and administering infrastructure or applications with Cloud environments. Three (3) years of experience executing activities in alignment with compliance and contractual requirements, AICPA SOC 2, Payment Card Industry Data Security Standard (PCI-DSS) and HiTrust. Alternate Education/Experience Requirements: Employer will accept a Master's degree in Information Systems, Computer Science or a related field plus 1 year of related experience. Must have skills listed above. SALARY: $130,105.16 per year APPLY: ********************************** Job Level: Non-Management Exempt Workshift: Job Family: IFT > IT Security & Compliance Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.
    $130.1k yearly 11h ago
  • Senior Azure Cloud Security Analyst

    Elevance Health

    Information Security Analyst Job 15 miles from Union City

    **Location:** This role requires associates to be in-office 1 - 2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This approach combines structured office engagement with the autonomy of virtual work, promoting a dynamic and adaptable workplace. Alternate locations may be considered. The **Senior Azure Cloud Security Analyst** is responsible for managing the delivery of information and network security systems and/or technology services, which may include server, desktop, software, network, and database components. **How You Will Make An Impact:** + Provides trouble resolution on complex problems and leads implementations for system and network security technologies. + Develops testing plans to ensure quality of implementation; coordinates and prepares the reporting of data security events and incidents. + Provides system and network architecture support for information and network security technologies; provides technical support to business and technology associates in risk assessments and implementation of appropriate information security procedures. + Standards and technologies; represents major upgrades and reconfigurations in change control; design & analyze mix of vendor services meeting business and information security requirements; maintains relationship with key vendors. + Leads lights on initiatives to consolidate equipment and/or implement business relocations; determine and perform complex configuration changes to meet business and information security requirements; perform capacity analysis; recommend and implement capacity increases; serve as the technical escalation for results of preventative maintenance routines; supervise preventative maintenance. + Represents infrastructure security support in significant projects and performs the most complex operations and administration tasks; respond to level 3 & 4 change and problem requests without supervision; lead level 1 & 2 incident recoveries and root cause analysis. **Minimum Requirements:** + Requires a bachelor's degree or equivalent combination of education and experience that would provide the knowledge to perform such work. + Experience must include a minimum of 2 to 3 years experience in a support & operations or design & engineering role in any of the following areas: access management or network security technologies, servers, networks, Network communications, telecommunications, operating systems, middleware, disaster recovery, collaboration technologies, hardware/software support or other infrastructure services role; or any combination of education and experience, which would provide an equivalent background. + Requires experience providing top-tier support for 3 or more of the information security technology areas: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security. **Preferred Skills, Capabilities and Experiences:** + Technical security certifications (e.g. Systems Security Certified Practitioner) strongly preferred. Please be advised that Elevance Health only accepts resumes for compensation from agencies that have a signed agreement with Elevance Health. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health. Who We Are Elevance Health is a health company dedicated to improving lives and communities - and making healthcare simpler. We are a Fortune 25 company with a longstanding history in the healthcare industry, looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. How We Work At Elevance Health, we are creating a culture that is designed to advance our strategy but will also lead to personal and professional growth for our associates. Our values and behaviors are the root of our culture. They are how we achieve our strategy, power our business outcomes and drive our shared success - for our consumers, our associates, our communities and our business. We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few. Elevance Health operates in a Hybrid Workforce Strategy. Unless specified as primarily virtual by the hiring manager, associates are required to work at an Elevance Health location at least once per week, and potentially several times per week. Specific requirements and expectations for time onsite will be discussed as part of the hiring process. The health of our associates and communities is a top priority for Elevance Health. We require all new candidates in certain patient/member-facing roles to become vaccinated against COVID-19 and Influenza. If you are not vaccinated, your offer will be rescinded unless you provide an acceptable explanation. Elevance Health will also follow all relevant federal, state and local laws. Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ******************************************** for assistance. Qualified applicants with arrest or conviction records will be considered for employment in accordance with all federal, state, and local laws, including, but not limited to, the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act.
    $78k-105k yearly est. 20d ago
  • Information Security Analyst

    360 It Professionals 3.6company rating

    Information Security Analyst Job 15 miles from Union City

    360 IT Professionals is a Software Development Company based in Fremont, California that offers complete technology services in Mobile development, Web development, Cloud computing and IT staffing. Merging Information Technology skills in all its services and operations, the company caters to its globally positioned clients by providing dynamic feasible IT solutions. 360 IT Professionals work along with its clients to deliver high-performance results, based exclusively on the one of a kind requirement. Our services are vast and we produce software and web products. We specialize in Mobile development, i.e. iPhone and Android apps. We use Objective C and Swift programming languages to create native applications for iPhone, whereas we use Android Code to develop native applications for Android devices. To create applications that work on cross-platforms, we use a number of frameworks such as Titanium, PhoneGap and JQuery mobile. Furthermore, we build web products and offer services such as web designing, layouts, responsive designing, graphic designing, web application development using frameworks based on model view controller architecture and content management system. Our services also extend to the domain of Cloud Computing, where we provide Salesforce CRM to effectively manage one's business and ease out all the operations by giving an easy platform. Apart from this, we also provide IT Staffing services that can help your organization to a great extent as you can hire highly skilled personnel's through us. We make sure that we deliver performance driven products that are optimally developed as per your organization's needs. Take a shot at us for your IT requirements and experience a radical change. Job Description The candidate will be a member of the Application Security Assessment (ASA) Team enforcing Global Cyber Security & Fraud at First Data. This includes automated vulnerability scanning mixed with manual penetration testing against web-based applications, web services, and thick client applications. Job Specific Responsibilities Utilize dynamic and static application security testing tools effectively, including IBM AppScan Standard, Fortify SCA, Burp Suite Pro, and Qualys. Host developer-focused appsec training workshops on topics including secure coding and vulnerability remediation. Coordinate testing objectives, reporting deliverables, and remediation efforts as the liaison between the financial institution(s), First Data, and third-party assessors. Provide documented guidance to development teams that define effective remediation solutions for vulnerabilities. Contribute to maintaining First Data Corporation's PCI-DSS certifications through addressing regulatory requirements. Availability to work occasional off-hours to complete assessments tied to meeting critical business objectives. Interview Required: Yes Information Technology-Info Security Analyst - Information Technology-Info Security Analyst Qualifications Bachelors Degree in Information Security, Computer Science, I.T., I.S., Engineering, Analytics or equivalent. Hands on technical experience with dynamic and static security testing tools, including source code assessments. Deep analytical skills, strong out-of-the-box thinking. Ability to effectively perform detailed-oriented technical information security work on a full-time basis. Excel independently in a fast-paced environment. Effective oral and written communication skills. Preferred Qualifications Masters Degree in Information Security, Computer Science, I.T., I.S., Engineering, Analytics or equivalent. Proficient web-application developer with demonstrable knowledge of HTML, C/C++, Java, VB, Ruby, etc. CEH, Security+, GWAPT Additional Information Regards, Vikas Kumar vikas.kumar(@)360itpro.com
    $81k-109k yearly est. 60d+ ago
  • Senior Security Analyst (Hybrid - Kennesaw, GA)

    Artivion, Inc.

    Information Security Analyst Job 31 miles from Union City

    Headquartered in suburban Atlanta, Georgia, Artivion, Inc. is a medical device company focused on developing simple, elegant solutions that address cardiac and vascular surgeons' most difficult challenges in treating patients with aortic diseases. Artivion has over 1,400 employees worldwide with sales representation in over 100 countries. The Company has manufacturing facilities located in Atlanta, Georgia, Austin, Texas and Hechingen, Germany. Additionally, it has sales and distribution offices in various countries throughout Europe, Asia, and South America. For additional information about Artivion, visit our website, ***************** Position Overview: The objective of the Senior Security Analyst position is to lead the design, implementation, and continuous improvement of enterprise security controls that protect the organization's digital assets, systems, and data. Reporting to the Cybersecurity Team Lead, the role is responsible for proactively identifying threats, mitigating risks, and ensuring the organization's cybersecurity posture aligns with business objectives and regulatory requirements. The Senior Security Engineer acts as a technical expert and key contributor to the development of a resilient, scalable, and secure IT environment while mentoring junior team members and collaborating with cross-functional teams. Responsibilities: * Proactively identify and analyze unauthorized activity (e.g., misuse, malware, intrusion attempts, phishing) on the global network and provide incident documentation. * Perform analysis of security alerts to evaluate true positive malicious risk to the business, determine containment action, and identify required preventative measures. * Perform regular vulnerability scans on network devices & web applications, provide technical & executive reports and assist with the remediation process. * Monitor identity and access management, including monitoring for abuse of permissions by authorized system users. * Assist in the completion of due diligence information security audits from third parties and clients. * Conduct regular vulnerability assessments and penetration tests. * Collaborate with IT and DevOps teams to remediate identified vulnerabilities. * Support audits and assessments related to frameworks such as ISO 27001, NIST, PCI DSS, or SOX. * Ensure security controls align with business objectives, regulatory requirements, and risk management practices. * Contribute to projects that enhance the security posture of the enterprise. * Operationalize actionable Threat Intelligence reports from internal and external sources. * Remain knowledgeable of changes in security technology, industry practices, and state & federal regulatory requirements and serve as an Information Security Subject Matter Expert (SME). * Provide technical assistance to IT staff in the detection and resolution of security incidents. * Manage end-user communication related to security awareness and manage security awareness platform. * Develop and maintain reports and dashboards for reporting on KPIs on security awareness, threats, and events. * Promote activities to foster information security awareness throughout the organization. * Creates and maintains security specific documentation. * Provides additional IT infrastructure support and project assistance as required Qualifications: * Minimum 5-7 years of experience in the field of Cybersecurity * Security Operations Center (SOC) work experience with a Bachelor's degree in computer science, information systems, or related technical discipline. * CompTIA Security+, CEH, CISSP, SSCP, CCSP or equivalent certification required. * Excellent IT skills, including knowledge of computer networks, operating systems, software, and hardware. * Web and email security systems experience required. * Nessus & Tenable.io or equivalent vulnerability management system experience required. * Anti-virus, Endpoint Detection and Response experience required. * Broad knowledge of technical security controls required. * Good oral and written communication skills. * Can effectively translate and accurately communicate security and risk implications at the most senior levels across technical and non-technical stakeholders. * This is a hybrid position that will report to our corporate headquarters in Kennesaw, GA
    $78k-105k yearly est. 14d ago
  • Manager, Information Security

    HD Supply Management 4.6company rating

    Information Security Analyst Job 15 miles from Union City

    Responsible for providing digital forensics, monitoring and compliance related to relevant requirements as requested by the CISO or the legal department. Ensure compliance with all relevant internal instructions and external regulatory compliance standards, including the management of operational risk and adherence to Company Code of Conduct and behaviors. Major Tasks, Responsibilities, and Key Accountabilities Oversees and performs computer forensic services including digital evidence collection, preservation, analysis, data recovery, tape back-up and recovery, electronic mail extraction, database examination and address relevant situational requirements. Performs comprehensive technical analyses and interpretations of computer-related evidence such as e-mail, accounting software, various databases, and information stored on electronic devices. Communicates effectively with internal customers and stakeholders about investigation status, information security capabilities and counsels requestors on information security guidelines, policies and procedures. Interviews witnesses who have contravened regulations and generates actionable reports. Keeps data in correct format, restores files and catalogue data and maintains strict confidentiality at all times. Maintains detailed written work logs and case documentation following forensic procedures. Utilizes various monitoring and filtering tools to measure and report on the state of security compliance. Ensures all lab hardware and software are verified and validated as required by various rules of evidence. Nature and Scope Solutions require analysis and investigation. Achieves planned results by decisions and actions based on professional methods, business principles, and practical experience. Manages a group or team of professional individual contributors and/or indirectly supervises support staff. Work Environment Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable. Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles. Typically requires overnight travel less than 10% of the time. Education and Experience Typically requires BS/BA in a related discipline. Generally 7+ years of experience in a related field. May require certification. Advanced degree may offset less experience in some disciplines. Our Goals for Diversity, Equity, and Inclusion We are committed to creating a culture that promotes equity, respect, and advocacy for every HD Supply associate. We value the diversity of our people. Equal Employment Opportunity HD Supply is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
    $96k-124k yearly est. 60d+ ago
  • Information Security Risk and Compliance

    Purplebox

    Information Security Analyst Job 15 miles from Union City

    PurpleBox is the leading technology consulting company that focuses on solving business problems utilizing new technologies. We provide Cybersecurity, Cloud Computing, and DevOps consulting services that help businesses manage their business risk more effectively. Job Description Multiple Information Security Risk and Compliance Positions are available. Entry-level to mid-senior level Internship, Part-Time, Full Time We are seeking to hire multiple Information Security, Risk, and Compliance professionals to work with our customers on risk assessment, compliance, and cybersecurity projects. As part of project delivery teams, these professionals are responsible for the execution, monitoring, and enforcement of the information security governance, risk management, and compliance projects. The successful candidate will oversee day to day execution of operational information security risk and compliance initiatives at PurpleBox and/or our clients. Responsibilities: Manage and execute the day-to-day information security risk and compliance operational activities Develop and recommend appropriate information security policies, standards, procedures, checklists, and guidelines using generally recognized security concepts tailored to meet the requirements of the organization Identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders Communicate regularly with teams and staff as part of risk assessments, follow-up on open issues, status tracking, and other miscellaneous items. Independently design, recommend, plan, develop, and support implementation of project-specific security solutions to meet requirements Manage remediation of identified risks and vulnerabilities; identify those within the organization responsible for remediation tasks; track progress on remediation of identified risks and vulnerabilities and provide appropriate reporting to all constituents Provides regular reporting metrics on the current state of the program. Other duties as assigned Qualifications Bachelor's degree in Computer Science, Information Technology, Business Administration, or related field Experience in information security risk assessment, compliance and/or security operations Previous experience in one or more of the areas below is a plus: --- IT Security Strategy and Management --- Risk Management, IT Audit, and Compliance --- Network, System, Database administration, support and/or help-desk experience --- Application Security, Software Development --- Security Monitoring, Data Loss Prevention, Incident Response Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. Strong analytical skills to analyze security requirements and relate them to appropriate security controls. Working knowledge of relevant security regulations, standards and frameworks, including SOC2, ISO27000, PCI, HIPAA, and NIST CSF. Professional certifications such as CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor) or other similar credential is a plus. Additional Information All your information will be kept confidential according to EEO guidelines.
    $89k-129k yearly est. 60d+ ago
  • Information Security Risk and Compliance

    Purplebox, Inc.

    Information Security Analyst Job 15 miles from Union City

    PurpleBox is the leading technology consulting company that focuses on solving business problems utilizing new technologies. We provide Cybersecurity, Cloud Computing, and DevOps consulting services that help businesses manage their business risk more effectively. Job Description Multiple Information Security Risk and Compliance Positions are available. Entry-level to mid-senior level Internship, Part-Time, Full Time We are seeking to hire multiple Information Security, Risk, and Compliance professionals to work with our customers on risk assessment, compliance, and cybersecurity projects. As part of project delivery teams, these professionals are responsible for the execution, monitoring, and enforcement of the information security governance, risk management, and compliance projects. The successful candidate will oversee day to day execution of operational information security risk and compliance initiatives at PurpleBox and/or our clients. Responsibilities: Manage and execute the day-to-day information security risk and compliance operational activities Develop and recommend appropriate information security policies, standards, procedures, checklists, and guidelines using generally recognized security concepts tailored to meet the requirements of the organization Identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders Communicate regularly with teams and staff as part of risk assessments, follow-up on open issues, status tracking, and other miscellaneous items. Independently design, recommend, plan, develop, and support implementation of project-specific security solutions to meet requirements Manage remediation of identified risks and vulnerabilities; identify those within the organization responsible for remediation tasks; track progress on remediation of identified risks and vulnerabilities and provide appropriate reporting to all constituents Provides regular reporting metrics on the current state of the program. Other duties as assigned Qualifications Bachelor's degree in Computer Science, Information Technology, Business Administration, or related field Experience in information security risk assessment, compliance and/or security operations Previous experience in one or more of the areas below is a plus: --- IT Security Strategy and Management --- Risk Management, IT Audit, and Compliance --- Network, System, Database administration, support and/or help-desk experience --- Application Security, Software Development --- Security Monitoring, Data Loss Prevention, Incident Response Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. Strong analytical skills to analyze security requirements and relate them to appropriate security controls. Working knowledge of relevant security regulations, standards and frameworks, including SOC2, ISO27000, PCI, HIPAA, and NIST CSF. Professional certifications such as CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor) or other similar credential is a plus. Additional Information All your information will be kept confidential according to EEO guidelines.
    $89k-129k yearly est. 7d ago
  • Information Security Governance Support Analyst

    Alston & Bird's Antitrust Group 4.9company rating

    Information Security Analyst Job 15 miles from Union City

    THE FIRM As a leading international law firm, we are dedicated to excellence through impactful communication, collaboration, and community involvement. Our company culture has earned us one of the "100 Best Companies to Work For" for 26 consecutive years. This honor, along with many others, highlights our commitment to innovation and professional development. At Alston & Bird LLP, our foundation is made of trust, reliability, and compassion. JOB DESCRIPTION Are you passionate about shaping the future of cybersecurity from a strategic lens? As part of our Information Security Governance team, you'll help steer the ship-not just keep it afloat. Under the guidance of experienced leaders, you'll dive into a variety of impactful initiatives that strengthen our firm's security posture. Your mission? Evaluate and manage third-party vendor risks with a sharp eye for detail. Lead the charge on client security assessments and ensure smooth, transparent communication. Track and support remediation efforts that keep our risk profile in check. Continuously monitor vendor performance and compliance. Expand and evolve our governance program to meet tomorrow's challenges. Design and deliver engaging security awareness education that sticks. This role is all about driving the firm's Information Security Governance, Risk, and Compliance (GRC) program forward-with purpose, creativity, and a touch of fun. Are you ready to take on the challenge and help us stay ahead of the curve? Apply now and make a difference! ESSENTIAL DUTIES 1. Third-Party Risk Management: Conduct comprehensive risk assessments of vendors, focusing on security measures and compliance with information security/cybersecurity frameworks. Evaluate vendors' IT and information security systems to identify potential risks and vulnerabilities. Develop and implement vendor risk management policies and procedures. Collaborate with procurement and legal teams to ensure vendor contracts include necessary risk mitigation clauses. Monitor vendors' performance and compliance with contractual obligations. Prepare reports, summaries, and metrics on third-party security assessments to stakeholders. Analyze and interpret third-party security assessment findings and provide recommendations and remediation plans to mitigate identified risks. Monitor and track third-party risk issues, ensuring timely resolution and appropriate risk mitigation actions. 2. Client Security Assessments: Coordinate responses to client security inquiries. Prepare thorough responses based on details of our technical and policy environment. Collect and/or prepare evidence as necessary. Communicate progress to team members and clients. 3. Governance Program Support: Manage and monitor configurations related to Firm policies, client-specific policies, and/or product-specific policies. Identify and recommend enforcement capabilities. Coordinate establishment of necessary controls. Manage exceptions and exclusions. Support governance initiatives and special projects of other teams as required. Maintain current knowledge of industry-recognized risks, possible security vulnerabilities, and current security solutions. Remain aware of industry standards, compliance, regulation requirements, and best practices. Recommend and/or support certification efforts. Identify, develop, and document policies and procedures. 4. Security Awareness and Education: Assist in the development and delivery of security awareness training. Support the firm's secured File Transfer Protocol (FTP) system. Monitor software installations to ensure compliance with firm policy. SKILLS, EXPERIENCE, AND INTERESTS Governance and Compliance: Thorough understanding of governance concepts, approaches, controls, and frameworks (ISO27000, NIST CSF, SOC 1 and SOC 2 Type I and II, etc.). Familiarity with relevant laws and regulation requirements (HIPAA, state privacy laws, EU privacy, GDPR, etc.). Experience in compliance, risk assessments, investigations, or other forensic reviews. Technical Skills: Strong understanding of IT systems and information security practices, including enterprise IT infrastructure and architecture, operating systems, servers, web applications, endpoint and network security, identity and access management, security protocols, cloud security, cryptography, secure coding, SSDLC, penetration testing, vulnerability management, patch management, SIEM, etc. Solid understanding of cloud vendors and the varying responsibilities between IaaS, PaaS, SaaS, etc. Analytical and Communication Skills: Very strong professional verbal and written communication skills, explaining technical information to clients, vendors, senior management, and staff (both technical and non-technical). Ability to identify and evaluate vendor risks. Ability to analyze complex data to make risk-related decisions. Project Management and Organizational Skills: Ability to multitask and switch focus among multiple different efforts quickly. Excellent organizational and self-management skills. Strong project management skills and experience. EDUCATION AND EXPERIENCE Required: Prior risk, compliance or governance experience. Up to 2+ years of experience in governance, risk or compliance. Prior third-party risk management experience. Preferred: Bachelor's degree in information security governance, risk, compliance, or IT-related majors. Applicable certification (CISA, Security+, CISSP, CGEIT, or similar). Prior technical experience. Experience in heavily regulated industries. EQUAL OPPORTUNITY EMPLOYER Alston & Bird LLP is an Equal Opportunity Employer does not discriminate on the bases of any status protected under federal, state, or local law. Applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition (associated with cancer, a history of cancer, or genetic characteristics), HIV/AIDS status, genetic information, marital status, sexual orientation, gender, gender identity, gender expression, military and veteran status, or other protected category under the law on the basis of race, color, religion, sex, age, sexual orientation, gender identity and/or expression, national origin, veteran status or disability in relation to our recruiting, hiring, and promoting practices. The statements contained in this position description are not necessarily all-inclusive, additional duties and responsibilities may be assigned, and requirements may vary from time to time. Professional business references and a background screening will be required for all final applicants selected for a position. If you need assistance or an accommodation due to a disability you may contact **************************. Alston & Bird is not currently accepting resumes from agencies for this position. If you are a recruiter, search firm, or employment agency, you will not be compensated in any way for your referral of a candidate even if Alston & Bird hires the candidate.
    $78k-101k yearly est. 11h ago
  • Customer Assurance Analyst

    ACI Worldwide 4.7company rating

    Information Security Analyst Job 31 miles from Union City

    Join the Team Making Possibilities Happen If you've ever used an ATM, paid a bill through your phone, sent money to a friend or shopped online, chances are your transaction was safeguarded and processed using our software. Now it's your turn to serve the payment needs of organizations and people the world over. This position can be remote but candidates must live and work in the US in Eastern and Central Time Zone only. Job Purpose Serve as Liaison to facilitate ACI's response to external audit/exam/assessment engagements to provide external assurance of ACI's management, operational, and control alignment with applicable regulations, IT security standards, contract requirements, etc. as related to Information Security and Risk Management policies, procedures, and relevant control implementations. Scope of engagements will include but is not limited to global Regulations of Financial Services/Banking and Healthcare sectors, Industry Standards such as ISO (27001, 27017), PCI (DSS, PIN, 3DS), SSAE18 (SOC1/SOC2), and industry best practice related to Information Security, Risk Management, Business Continuity/Disaster Recovery, Privacy, and more. Source of external engagements include but is not limited to Regulators, Customers, Business Partners, and more. Essential Functions and Responsibilities Work collaboratively externally, and internally with many teams across functional areas and geographies to ensure engagements are facilitated professionally and timely. Provide audit/exam/assessment subject matter expertise to ensure engagement achieves its stated goal in a timely manner. Work proactively to reduce impact of engagement and limit duplication of control analysis and testing, by leveraging readily available assurance package of information and relevant reports available for distribution to auditors/examiners. Work closely with team members to identify similar requests and leverage shared knowledge and experience to efficiently facilitate each engagement. Facilitate the completion of all required tasks during the engagement, including but not limited to answering due-diligence questionnaires, providing policy/procedure documentation and control evidence to auditor/examiner, coordinating meetings with relevant SMEs, hosting web-sessions, documenting meeting minutes and audit/exam notes, and more. Utilize all necessary tools to ensure all relevant documentation is gathered and stored during and post engagement. Communicate engagement requests and notices with urgency to management and key stakeholders, escalate engagement risks effectively and drive to resolution in timely manner to ensure minimal impact to engagement. Understand and adhere to all Corporate Policies, including but not limited to ACI Code of Business Conduct and Ethics, and Global Information Security Standards Understand and adhere to all department procedures for facilitation of engagements, tracking and reporting of engagement findings, and escalation procedures as needed. Communicate effectively and professionally in all aspects of the role, internally and externally, representing ACI's Core Values and promoting a positive environment for ACI to maintain and build trust within the context of external engagements. Effectively utilize, and support development and maintenance, of team processes and procedure documentation, tools for tracking and reporting engagements, their status and progress, and any outcome requiring further monitoring and reporting. Contribute to ongoing maturity and development of team to achieve goals outlined by management. Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; benchmarking state-of-the-art practices; participating in professional societies. Other duties as assigned. Qualifications (Education, Experience, Knowledge, Skills, and Abilities) Bachelor's degree or equivalent experience, preferably in Information Systems related field of study, Information Security Risk Management/Third Party Risk Management, or Compliance, Certification Requirements: CISM, CRISC, CISA, CISSP, or CTPRP required. 3+ years' experience in related fields, such as Information Security, Risk Management/Third Party Risk Management, Compliance Certification Requirements: CTPRP or equivalent certification required. Preferred Qualifications (Education, Experience, Competencies) Certification: CISM, CRISC, CISA, CISSP, or CTPRP required. Prior experience in Payments Services industry Benefits: In return for your expertise, we offer growth, opportunity, and a competitive compensation and benefits package in a casual work environment. Are you ready to help us transform the world of electronic payments? To learn more about ACI Worldwide, visit our web site at ******************** Job ID (Requisition #16097) ACI Worldwide is an AA/EEO employer in the United States, which includes providing equal opportunity for protected veterans and individuals with disabilities, and an EEO employer globally #LI-LF1 #LI-Hybrid
    $65k-84k yearly est. 7d ago
  • Manager, Information Security

    HD Supply Management 4.6company rating

    Information Security Analyst Job 15 miles from Union City

    Manage and coordinate a team of Security Managers and Engineers. Ensure tight rigor and control over Security Operations and Audit processes. Major Tasks, Responsibilities, and Key Accountabilities Serves as an internal information security consultant to the organization. Effectively leads and or coordinates all internal dedicated security functions including but not limited to - patching, anti-virus, intrusion prevention, CERT response, log file monitoring, cross division security coordination, systems operational security testing, rule set analysis, threat detection and adaptation, as well as advent security related functions. Initiates activities to create information security awareness within the organization. Performs information security risk assessments, and acts as an internal auditor. Evaluates audit findings and drives remediation of identified control deficiencies. Reviews all system-related security planning throughout the network and acts as a liaison to information systems. Monitors compliance with information security policies and procedures, addressing problems with the appropriate department manager or data owner. Oversees the security policy to ensure appropriateness. Provides training and consultation to ensure understanding of and compliance with established security standards and controls. Manages the Computer Security Incident Response Plan. Manages the Risk Program including coordination and follow-up of the semi-annual risk assessment and development and implementation of business unit policies and standards. Manages the business unit's audits and examinations. Works with management to put controls in place needed to comply with SOX and PCI regulatory requirements. Nature and Scope Solutions require analysis and investigation. Achieves planned results by decisions and actions based on professional methods, business principles, and practical experience. May recommend/make decisions regarding new programs/initiatives that have significant impact to the business and carry consequences in unsuccessful endeavors. Manages a larger team or multiple small teams through direction of subordinate management and/or supervisory staff. Work Environment Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable. Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles. Typically requires overnight travel less than 10% of the time. Education and Experience Typically requires BS/BA in a related discipline. Generally 7+ years of experience in a related field. May require certification. Advanced degree may offset less experience in some disciplines. Our Goals for Diversity, Equity, and Inclusion We are committed to creating a culture that promotes equity, respect, and advocacy for every HD Supply associate. We value the diversity of our people. Equal Employment Opportunity HD Supply is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
    $96k-124k yearly est. 19d ago

Learn More About Information Security Analyst Jobs

How much does an Information Security Analyst earn in Union City, GA?

The average information security analyst in Union City, GA earns between $61,000 and $119,000 annually. This compares to the national average information security analyst range of $71,000 to $135,000.

Average Information Security Analyst Salary In Union City, GA

$85,000
Job type you want
Full Time
Part Time
Internship
Temporary