Senior information security analyst job description

Role Summary/Purpose:
The Senior Analyst, Information Security Metrics will be responsible for the data analysis, data management, and automation to support and grow the Information Security Metrics Program. Data analysis will include understanding the data provided by metric owners and developing a process to calculate the defined metric. Data management comprises supporting the metric collection process and organizing the data collected. Automation includes improving collection and calculating procedures to minimize human error and manual labor and developing dashboards to effectively present the metrics to Operational Teams, Senior Leadership, Board members, and regulatory committees.

Essential Responsibilities:
Collaborate with metric owners to manage the data and automate the calculation process using Tableau, Power BI, QlikView, Splunk, etc. Implement process improvements to streamline and reduce manual labor throughout the Monthly Metric Cycle using Microsoft O365 tools I.e. SharePoint, Nintex, Power Apps, Power automates and other tools Perform BAU metric reporting and data analysis to support the Monthly Metric Cycle. Work with process owners, key stakeholders and other team members to ensure the process improvement plans and metrics are determined, measured consistently and reported Perform automation, data analysis and visualizing to report on all reasonable metrics, which helps improve the functioning of IS organization and its associated internal functions Open to learn new tools, techniques, business and technologies on a continuous basis

Qualifications/Requirements:
Bachelor's degree in computer science, data management, information security, or other engineering or IT-related major. Minimum of 4 years experience working as a business intelligence analyst or process quality specialist where there is lot of process improvement and automation initiatives handled and data analysis and reporting performed. Minimum of 2 years experience in data visualization through dashboard creation. Proficiency working with Microsoft O365 tools such as Sharepoint, Nintex Forms and Workflows, Power Automate, Power Apps Sound communication skills: Able to clearly present information through spoken or written work; reads and interprets complex information; conveys information effectively; listens well. For Internal Applicants: Understand the criteria or mandatory skills required for the role, before applying.Inform your Manager or HRM before applying for any role on Workday.Ensure that your Professional Profile is updated (fields such as Education, Prior experience, Other skills) and it is mandatory to upload your updated resume (Word or PDF format) Must not be any corrective action plan (First Formal/Final Formal, PIP) Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible.Level 8+ employees can apply

Desired Characteristics:
Experience in implementing automation for data calculation processes using SharePoint, Nintex, Power Apps, Power automates and other tools Experience in developing dashboards using Power BI, Tableau or other Business Intelligence tools. Experience with basic SQL, PL/SQL VBA, MS Excel and other Office suite applications would be an added advantage Knowledge of cybersecurity and related disciplines beyond a basic level is a plus Should be a self-starter who demonstrates ownership over assigned objectives and is able to work independently and with a team Leadership skills with a passion for continuous improvement

Grade/Level: 09

Job Family Group:
Information Technology

BAE Systems is seeking a Senior Information Security Analyst to join our team supporting the Department of Defense (DoD) High Performance Computing (HPC) Modernization Program (DoD HPCMP) and Army Corps of Engineers, Engineer Research and Development Center (ERDC) DoD Supercomputing Resource Center (DSRC) located at Vicksburg, MS. The successful candidate will serve as an IT Systems Security Engineer for HPC engineering and operations, and will liaison with senior government personnel supporting critical national DoD HPC systems.

Work will include the design, test, and implementation of secure operating systems, networks, and database products. Conducts risk assessment and provides recommendations for application design. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. May prepare security reports to regulatory agencies; participation in technical forums; and representing our company in joint meetings with the customer on IT Systems Security topics.
#hitsu


Required Education, Experience, & Skills


Bachelor's Degree and 6+ years' working experience, or equivalent experience; candidates with Armed Forces college courses or Associate Degrees, extensive certification, and additional experience are highly encouraged to apply. 8570.01M/ IAT-II


Preferred Education, Experience, & Skills

2 years' experience in various HPC systems, various HPC technologies:
Cray/Cray EX, IBM, SGI, Penguin, or custom architectures Linux variants OS InfiniBand (IB), Intel Omni-Path interconnects Portable Batch System (PBS), Simple Linux Utility for Resource Management (SLURM), or IBM Platform Load Sharing Facility (LSF) schedulers Intel Xeon, AMD EPYC, or ARM CPUs Nvidia graphic processing units (GPU)s ITIL Foundation


About BAE Systems Intelligence & Security

BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team-making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference.

Intelligence & Security (I&S), based in McLean, Virginia, designs and delivers advanced defense, intelligence, and security solutions that support the important missions of our customers. Our pride and dedication shows in everything we do-from intelligence analysis, cyber operations and IT expertise to systems development, systems integration, and operations and maintenance services. Knowing that our work enables the U.S. military and government to recognize, manage and defeat threats inspires us to push ourselves and our technologies to new levels.

Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.

We're looking for problem solvers, innovators, and dreamers who are searching for anything but business as usual. Like us, you're a high performer who's an expert at your craft, constantly challenging the status quo. You value inclusivity and want to join a culture that empowers you to show up as your authentic self. You know that success hinges on commitment, that our differences make us stronger, and that the finish line is always sweeter when the whole team crosses together.

#LI-SS1 #LI-RemoteAlteryx is searching for a Senior Analyst, Information Security GRC Business Continuity, to work remotely in the USA or in our Irvine or Redwood City office.

Alteryx is looking for a dynamic and results driven individual to work within the Information Security Governance, Risk and Compliance (GRC) function. A successful candidate in this role will be able to engage, inform, and get buy-in from leaders across the firm and work with them or their delegates to mature and develop business continuity plans and conduct periodic impact assessments. The ability to understand and represent the needs of business partners in time-sensitive situations while reinforcing established policies and procedures is also a highly visible part of overall job success.
Responsibilities
Support the business continuity management (BCM) program, including performing a business impact analysis (BIA), developing and testing business continuity plans (BCP), coordinating with IT on disaster recovery planning and updating crisis management plans (CMP) Assist in the planning, execution, and follow up of department and enterprise continuity tests Research, document, and manage action items and after-action reports related to live or planned incidents Be a Security and Compliance Champion that promotes and evangelizes awareness of different security and compliance risks and best practices across the company Regularly liaison with critical internal partners including but not limited to Legal, HR, and Internal Audit to secure buy-in and ensure consistency in programs and initiatives Support the Security Sales Enablement team with responding to client questionnaires and assist with the periodic validation and updating of items in the answer repository Assist with risk assessments-including third party vendor assessments, and manage associated security risk remediation activities Conduct control and risk assessments of technical operating environments and third party. Identify, document, and manage gaps related to security and compliance and other tasks to support ensuring Alteryx's underlying data and information security processes, infrastructure and measures are fit for purpose and scaled to deliver an appropriate level of protection.Review regulatory requirements, external policies or standards related to Information Security, and conduct gap analysis to internal security policies and requirements. Ensure compliance with regulatory compliance and certification programs (e.g., ISO 27001, SOC II, NIST CSF, FIPS, FedRAMP) Collaborate with cross-functional teams to ensure security related controls are documented and managed Serve as a subject matter expert on internal controls and security, and collaborate with Product Strategy and Development on product enhancements, features and security capabilities Provide consultative support for users in implementation or conversion of security risks Initiate new security projects and identify ways to improve internal security processes and operations while mitigating security related risk Ensuring compliance with the established key metrics that measure data security standards, the ISO standards/certification and provide evidence of compliance for internal and external audits.

Requirements
Alteryx Designer Core certification or a minimum of five (5) years experience writing SQL in an enterprise setting Exceptional communication skills with diverse audiences - Strong critical thinking and analytical skills Strong leadership, project, and team-building skills, including the ability to lead teams and drive projects and initiatives within multiple departments Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects Treats people with respect; keeps commitments; inspires the trust of others; works ethically and with integrity; upholds organizational values; accepts responsibility for own actions.Demonstrates knowledge of and adherence to EEO policy; shows respect and sensitivity for cultural differences; educates others on the value of diversity; promotes working environment free of harassment of any type; builds a diverse workforce and supports affirmative action.Follows policies and procedures; completes tasks correctly and on time; supports the company's goals and values.
Bonus
A comprehension of security standards and frameworks, rules and regulations, and system trust principals, such as ISO, NIST, OWASP, SANS Top 20, PCI-DSS, SOX-404, CSA Star, ITIL, and SOC2.The ability to discern patterns from large amounts of disparate information while remaining adaptable in rapidly changing situations and environments.Ability to make informal and formal presentations, inside and outside the organization; speaking before assigned team or other groups as needed.Ability to deal with complex challenges involving multiple facets and variables in non-standardized situations. Capability to work with little to no supervision while performing duties.Bachelor's Degree in Information Technology, Mathematics, Business, or Engineering with a minimum of three (3) years' progressive information security GRC experience is preferred Base understanding of Security Methodologies required.Possible certification requirements include: Certified Information Systems Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Controls (CRISC)

Compensation:Alteryx is committed to fair and equitable compensation practices. The salary range for this role in Irvine, CA is $111,900-190,200. This position is also remote-friendly and, as such, compensation will ultimately be in line with the location in which the position is filled. Final compensation for this role will be determined by various factors such as a candidate's relevant work experience, skills, certifications, and geographic location.
This role is eligible for variable compensation including bonus and stock grants.

Find yourself checking a lot of these boxes but doubting whether you should apply? At Alteryx, we support a growth mindset for our associates through all stages of their careers. If you meet some of the requirements and you share our values, we encourage you to apply. As part of our ongoing commitment to a diverse, equitable, and inclusive workplace, we're invested in building teams with a wide variety of backgrounds, identities, and experiences.

Benefits & Perks:
Alteryx has amazing benefits for all Associates which can be viewed here.