FIND PERSONALIZED JOBS
Sign up to Zippia and discover your career options with your personalized career search.
Sorry, we can't find that. Please try a different city or state.

Senior Information Security Analyst

This job has expired and is no longer available.
APPLY NOW
Apply Now
×
FIND
PERSONALIZED JOBS

Sorry, we can't find that. Please try a different city or state.

CONTENT HAS
BEEN UNLOCKED
Close this window to view unlocked content
or
find interesting jobs in

Log In

Log In to Save

Sign Up to Save

Sign Up to Dismiss

Sign Up

SIGN UP TO UNLOCK CONTENT

or

The email and password you specified are invalid. Please, try again.

Email and password are mandatory

Forgot Password?

Don't have an account? Sign Up

reset password

Enter your email address and we will send you a link to reset your password.

Back to Log In

Log In

Log In to Save

Sign Up to Save

Sign Up to Dismiss

Sign up to save the job and get personalized job recommendations.

Sign up to dismiss the job and get personalized job recommendations.

or

The email and password you specified are invalid. Please, try again.

Email and password are mandatory

Already have an account? Log in

reset password

Enter your email address and we will send you a link to reset your password.

Back to Log In

Company Saved

Answer a few questions and view jobs at that match your preferences.

Where do you want to work?

Job Saved

See your Saved Jobs now

or

find more interesting jobs in

Job Dismissed

Find better matching jobs in

Your search has been saved!

Top 50 Senior Information Security Analyst Skills

Below we've compiled a list of the most important skills for a Senior Information Security Analyst. We ranked the top skills based on the percentage of Senior Information Security Analyst resumes they appeared on. For example, 9.9% of Senior Information Security Analyst resumes contained Ensure Compliance as a skill. Let's find out what skills a Senior Information Security Analyst actually needs in order to be successful in the workplace.

These are the most important skills for a Senior Information Security Analyst:

1. Ensure Compliance

demand arrow
high Demand
Here's how Ensure Compliance is used in Senior Information Security Analyst jobs:
  • Coordinated security escalation activities within each unit to ensure compliance and compliance management.
  • Collaborate with cross-functional teams including Engineering, IT, Network Operations, Legal and Sales to deliver projects and ensure compliance.
  • Provide management support to the IAO and IA systems overseeing the IAO to ensure compliance with established policies and procedures.
  • Work closely with various IT operation teams to ensure compliance, liaison between the customer/business and external auditor/QSA.
  • Govern audit files to ensure compliance, compile and analyze data, and maintaining reports of audits.
  • Lead security risk assessments to ensure compliance with corporate security policies and adherence to best practices.
  • Audit & regulatory compliance for Identity Management Managed project for segregation of duties, for critical applications to ensure compliance.
  • Implement and monitor IT security controls and ensure compliance to relevant regulations, monitoringplans, security policies and procedures.
  • Developed strong recommendations for remediating findings to reduce risk and ensure compliance.

Show More

2 Ensure Compliance Jobs

No jobs at selected location

2. Vulnerability Assessments

demand arrow
high Demand
Here's how Vulnerability Assessments is used in Senior Information Security Analyst jobs:
  • Contributed to improving the Security Assessment process, which is used to perform Security Risk Assessments, Vulnerability Assessments and Security Reviews
  • Conduct risk and vulnerability assessments for planned and installed information systems to identify vulnerabilities, risks and protection needs.
  • Performed operating system and application vulnerability assessments and monitored compliance to policy across multiple platform and diverse system environments.
  • Performed Audits, Security Design, Gap Analysis, Documentation, Penetration Tests and Vulnerability Assessments.
  • Conduct penetration testing and security vulnerability assessments on highly sensitive and high profile National Security Systems.
  • Coordinate and perform security audits and vulnerability assessments to assess internal security procedures and compliance requirements.
  • Performed in-depth vulnerability assessments of DoD and provided expert technical consultation on highly complex tasks.
  • Coordinated server and database violations and vulnerability assessments and remediation every quarter.
  • Performed Vulnerability Assessments and identified corrective actions to mitigate known vulnerabilities.
  • Conduct vulnerability assessments and support the mitigation of any defined risks.
  • Presented technical vulnerability assessments and penetration testing results to senior management.
  • Performed internal and external vulnerability assessments and penetration testing activities.
  • Analyze IT security environment and develop threat and vulnerability assessments.
  • Assisted in vulnerability assessments and penetration testing, as needed
  • Perform vulnerability assessments for Citibank various websites worldwide.
  • Conduct vulnerability assessments and mitigate risks.
  • Serve as primary lead support for Intrusion Detection and Vulnerability assessments and issues.
  • Conducted offsite security reviews, including penetration and vulnerability assessments as required.
  • Use IBM (ISS) Systems Scanner and Nmap for Vulnerability assessments.
  • Instructed onboard new members to organizational security practices and trained them in performing Cyber Security vulnerability assessments and intermediate Penetration testing.

Show More

7 Vulnerability Assessments Jobs

No jobs at selected location

3. Information Security Policies

demand arrow
high Demand
Here's how Information Security Policies is used in Senior Information Security Analyst jobs:
  • Provide for an in-depth evaluation of the supplier/vendor enterprise-wide information security policies, procedures, and user awareness training programs.
  • Review security solutions to ensure compliance with corporate information security policies, standards and practices.
  • Ensured alignment of overall Information Security policies and standards through audit and oversight processes.
  • Develop and implement information security policies, operating procedures, and guidelines.
  • Develop comprehensive information security policies and supporting policies and standards and procedures.
  • Ensured communication and compliance of corporate information security policies and data security.
  • Created, administered and updated information security policies.
  • Worked on development of 'new employee' training program to incorporate elements of Information Security Policies.
  • Assisted in defining, implementing, and maintaining information security policies, standards and procedures.
  • Participated on project meetings to ensure the information security policies and standards were met.
  • Reviewed and maintained IT information security policies, procedures, and standards.
  • Architected global information security risk and governance program, authored and implemented global information security policies and procedures.

Show More

11 Information Security Policies Jobs

No jobs at selected location

4. Risk Assessments

demand arrow
high Demand
Here's how Risk Assessments is used in Senior Information Security Analyst jobs:
  • Ensured the involvement of other Information Security Risk Management teams as needed for in-depth risk assessments of technology service providers.
  • Conducted internal risk assessments and designed process and technology enhancements to mitigate risk.
  • Performed risk assessments on corporate computer environment and third-party business partners.
  • Develop techniques, procedures and utilities for improving security risk assessments.
  • Performed risk assessments of various aspects of information technology.
  • Risk assessments, vulnerability scanning, information security policy.
  • Performed risk assessments on applications and Checkpoint firewall.
  • Conducted Third-party Information Security Risk Assessments.
  • Perform risk assessments and execute tests of data processing system to ensure functioning of data processing activities and security measures.
  • Led information security projects, risk assessments, and investigations across three campuses, including one in Qatar.
  • Conduct 3rd party vendor Risk Assessments which included gathering requirements, vendor participants and evaluating responses.
  • Conducted systems' annual risk assessments, developed and tracked completion of corrective action plan activities.
  • Lead Risk Analyst for Security Reviews for all internal applications and vendor risk assessments.
  • Performed security risk assessments of IT networks, computer systems and applications.
  • Performed Risk Assessments, Vendor Assessments, and documentation of recommendations.
  • Completed risk assessments based on OMB Circular A-123 compliance guidelines.
  • Created risk assessments and risk validation in the Application Environment.
  • Conducted risk assessments on General Support Systems and Major Application (i.e., mainframe, Solaris, and UNIX).
  • Document business requirements; perform risk assessments, support investigations and audits by utilizing IT review and IT forensics procedures.
  • Perform and remediate Security Test and Evaluations, Risk Assessments, independent Verifications and Validations.

Show More

24 Risk Assessments Jobs

No jobs at selected location

5. Infrastructure

demand arrow
high Demand
Here's how Infrastructure is used in Senior Information Security Analyst jobs:
  • Lead the initiative with the infrastructure team to address and mitigate security threats and vulnerabilities through the vulnerability management program.
  • Planned and upgraded all new technical security architecture including design and development of data center security infrastructure.
  • Review maintenance and IT infrastructure processes to ensure efficient and adequate security provisions.
  • Recommended and integrated upgrades to current infrastructure that were followed and implemented.
  • Advised Treasury officials on safety of critical infrastructure of U.S. Treasury systems.
  • Represented NSP on Federal Critical Infrastructure Protection Committee.
  • Conduct security assessments of IT Infrastructure, vulnerability scanning, reporting, and mitigation.
  • Handled setup of VPN infrastructure for Water Managers that maintained SCADA control systems.
  • Worked in Infrastructure Management Group - Enterprise Access Management.
  • Supported EPF software, systems and infrastructure administration.
  • Lead for GAO and PWC RACF infrastructure audits.
  • Key analysts in resolving and facilitating on going compliance challenges for ServiceNow worldwide cloud infrastructure.
  • Supported & maintained endpoint encryption software and infrastructure with Sophos SafeGuard.
  • Managed personnel responsible for monitoring systems to ensure that the IT infrastructure is compliant with US Federal Directives and Laws.
  • Identified and remediated security deficiencies on VA's network infrastructure, database platforms and Web application servers.
  • Implemented projects using Information Technology Infrastructure Library (ITIL) best practices and methodology.
  • Perform Security Gap Analysis and develop security infrastructure roadmap to evolve current program..
  • Provide technical analysis and support to document and implement the SIPRnet Public Key Infrastructure (PKI) for SIPRnet users.
  • Utilized McAfee Epolicy Orchestrator 3.6 to provide maximum Anti-Virus protection to the network infrastructure, in accordance to Company Policies.
  • Performed both infrastructure support as well as content development for Arcsight 4.5 platform.

Show More

11 Infrastructure Jobs

No jobs at selected location

Job type you want
Full Time
Part Time
Internship
Temporary

6. Incident Response

demand arrow
high Demand
Here's how Incident Response is used in Senior Information Security Analyst jobs:
  • Monitored intrusion prevention alerts and initiated incident response measures checking the validity of such alerts.
  • Mitigated personally identifiable information (PII) data spillage using agency incident response procedures.
  • Developed, completed and revised reports related to incident response and continuous monitoring.
  • Led technical security tool design, team coordination and security incident response.
  • Perform security analysis in support of Computer Incident Response Team investigations.
  • Perform computer Security Incident Response activities for a large organization.
  • Serve as subject matter expert during security incident response activities.
  • Assisted incident response team with incident analysis and mitigation strategies.
  • Assist with the creation of policies and procedures for the Computer Security Incident Response Center (CSIRC) systems.
  • Provided assistance in live incident response efforts, while supporting our forensic colleagues in collecting volatile data / evidence.
  • Utilize established processes and tools to focus on incident response, threat identification, analyses, and remediation.
  • Develop Incident Response process and procedures, as well as identified, investigated, and resolved security issues.
  • Led security incident response team in its assessment of impact severity and resolution efforts to correct breaches.
  • Review forensic tools to develop Forensic Analysis and support Incident Response efforts.
  • Coordinated incident response activities with IT teams and business unit leaders.
  • Conduct Tier II and Tier III incident response and investigation.
  • Owned the corporate Incident Response Plan, policies and processes.
  • Assisted in incident response and recommend corrective actions.
  • Designed the Computer Security Incident Response Plan.
  • Provide onsite and remote training regarding incident response for the global IT support teams.

Show More

26 Incident Response Jobs

No jobs at selected location

7. Nist Security Policies

demand arrow
high Demand

8. Information Technology

demand arrow
high Demand
Here's how Information Technology is used in Senior Information Security Analyst jobs:
  • Coordinated and participated internal and external audits between Information Technology, ERM and Business departments.
  • Developed information technology and security plans that support a culture of proactive security initiatives.
  • Key Contributions * Performed complex technical analysis of proposed and existing information technology solutions.
  • Work very closely with Information Technology Officers (ITAO's) to identify application restrictions and identify areas for improvements.
  • Developed and managed work breakdown structure (WBS) of information technology projects.
  • Prepared RFPs for information technology procurement.

Show More

26 Information Technology Jobs

No jobs at selected location

9. PCI DSS

demand arrow
high Demand
Here's how PCI DSS is used in Senior Information Security Analyst jobs:
  • Perform gap analysis based on the requirements defined in PCI DSS and design a remediation plan to meet the compliance requirements.
  • Lead the organization through PCI DSS certification including the development and implementation of Policies and Procedures.
  • Create and deliver PCI DSS assessment material for annual PCI DSS Level 1 assessments.
  • Developed PCI DSS 3.2 compliant file integrity monitoring solution for enterprise deployment.
  • Assess enterprise information systems internal controls as required by PCI DSS.
  • Participated in the development of the PCI DSS Awareness Program.
  • Interact directly with PCI DSS QSA's for annual PCI DSS assessment.
  • Manage PCI DSS external assessments, penetration tests and open items resolution.

Show More

12 PCI DSS Jobs

No jobs at selected location

10. Firewall

demand arrow
high Demand
Here's how Firewall is used in Senior Information Security Analyst jobs:
  • Translated business requirements into firewall changes and moved through change management process into implementation and follow up.
  • Provide approval authority for network and firewall changes for corporate change management.
  • Managed testing and replacement of server and desktop firewall applications.
  • Evaluate firewall protection against hackers and entrust to find vulnerabilities.
  • Monitor firewalls on both unclassified and classified networks.
  • Lead in deploying new technologies to data center/branch offices including firewall, NAC, wireless & switching technologies.
  • Conducted building network system for the internal and external network system along with pix firewall.
  • Audited and certified firewall, router, and proxy related ACL and configuration changes.
  • Create and manage multiple Virtual firewalls within high-end SRX firewalls for market data segmentation.
  • Supported extensive and high profile Check Point firewall environment.
  • Install, implement and troubleshoot firewall issues.
  • Conducted Check Point firewall rule usage analysis and documented firewall policy changes utilizing Firemon.
  • Support and Implement Anti-Virus Solutions Maintain Checkpoint Firewalls.
  • Developed signatures for firewalls, SNORT/BRO and other tools & appliances based on manual analysis of reverse engineered malware.
  • Implement and configure serial failover for redundancy purposes for PIX/ASA firewalls, checkpoint clustering and load balancing features.
  • Designed a partially automated process to review all firewall rules implemented during the previous week using enVision.
  • Automated log analysis using Perl and Python scripts from Palo Alto Network firewall configurations and logs.
  • Architected a distributed firewall change management solution using OSS fwbuilder.
  • Conducted firewall ruleset review in order to tighten access to POS and Security Management VLANs.
  • Lead project manager Fortinet Fortigate 1500D Next Gen Firewall Implementation.

Show More

9 Firewall Jobs

No jobs at selected location

11. Disa

demand arrow
high Demand
Here's how Disa is used in Senior Information Security Analyst jobs:
  • Participated in areas of planning, training, and preparation for contingency and disaster recovery operations.
  • Interact with global data center vendors to determine production and alternate computing facilities disaster recovery/COOP solution.
  • Developed, facilitated, documented, and implemented Disaster Recovery Strategies / Policies / Procedures.
  • Provided guidance and recommendations in developing systems contingency plans and disaster recovery procedures.
  • Designed and facilitated Disaster Recovery and SIRT tabletop exercises for Senior Leadership.
  • Served as assistant Disaster Recovery Coordinator during annual DR program exercises.
  • Worked with multiple documents including Business Continuity and Disaster Recovery.
  • Assisted in production implementation plans and disaster recovery plans.
  • Conducted disaster recovery planning and firewall administration policy directives.
  • Performed daily disaster recovery administration.
  • Design, Deployed and implemented DISA Assured Compliance Assessment Solution (ACAS) for use on PMRF systems.
  • Worked on server and workstation upgrades, backup and disaster recovery, user account setup and security administration.
  • Advised organizational executives on complex IT issues such as anti-spam, anti-virus, and disaster recovery plans.
  • Involved in disaster recovery plans development, review, execution and maintenance.
  • Evaluated the results of the annual disaster recovery testing process.
  • Evaluate and assist with the on-going development and maintenance of computer disaster recovery plans supporting core business continuity.
  • Architected a disaster recovery solution.
  • Documented procedures, quick reference guides, knowledgebase articles, design guides, test plans, disaster recovery plans, etc.
  • Provide compliance and oversight support for the IT Contingency/Disaster Recovery Plans Program.
  • Developed NMCI NIPRnet and SIPRnet circuit tracking procedures with (DISA).

Show More

4 Disa Jobs

No jobs at selected location

12. Architecture

demand arrow
high Demand
Here's how Architecture is used in Senior Information Security Analyst jobs:
  • Provided project management assistance and oversight-- addressed organization concerns and questions about baseline architecture requirements and its enhanced system-computing environments.
  • Provided security architecture and industry practices subject matter expert knowledge for all team members performing third party vendor risk assessments.
  • Validate and test complex security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies.
  • Ensured approved system baseline configuration and architecture were maintained, and updated to reflect all approved changes.
  • Participated in network and systems infrastructure design and architecture to ensure implementation of systems security policies.
  • Identified information security architecture gaps & recommended architecture changes, enhancements using a risk-based approach.
  • Provide security assessments on risks discovered in network architecture design reviews.
  • Provide technical architecture and design, procurement and implementation.
  • Developed and implemented IT security architectures.
  • Performed routine audits of firewall and system logs, perimeter devices, network devices, vendor architectures, and company policies.
  • Designed and implemented IT security architectures for the LAN/WAN, DMZ, e-commerce, server/database, and desktop environments.
  • Subject matter expert in areas of IT processes, risk analysis and threat mitigation, and security architecture.
  • Required strong knowledge of IRS architecture/infrastructure and security policies and Federal regulations (NIST & FISMA).
  • Reviewed current architecture and policies and implement changes to improve currents procedures and structure.
  • Performed independent analysis of IA architecture (IT systems) and network circuits.
  • Represented West's internal cloud-based architecture based on Cisco's universal computing system's application centric infrastructure to client auditors.
  • Assist with providing initial and on-going technical security support regarding system architectures, system requirements and training.
  • Enjoy laying the foundation of secure systems architecture, helped support network operations center and application development to meet agency goals.
  • Contributed for Corporate IT and Security Governance Board, FISERV Security working Group, FISERV SOA Security Architecture Task Force..
  • Provided integral teamwork with network team to design and implement new network architecture in workstations and servers vlans.

Show More

15 Architecture Jobs

No jobs at selected location

13. Security Assessment

demand arrow
high Demand
Here's how Security Assessment is used in Senior Information Security Analyst jobs:
  • Conduct security assessments, document test results and provide guidance with identifying threats and correcting vulnerabilities.
  • Formulated security assessment reports and recommendations for mitigating vulnerabilities and exploits in the system.
  • Write security assessment reports including detailed reports and executive summaries.
  • Managed on-site security assessments at selected third party locations.
  • Participated in vendor security assessments.
  • Prepare and provide certification recommendations to the Senior Executive Level Authorizing Officials through the Security Assessment Report (SAR).
  • Provide customers expertise regarding security assessments, the NIST 800-53 controls framework, and information security practices.
  • Completed security assessments to monitor changes and level of risk within the state of Oregon systems.
  • Led security assessment and authorization teams of 2-3persons using NIST 800-53 rev.3 standards.
  • Performed security assessments of SaaS providers, vendors, and external network connections.

Show More

6 Security Assessment Jobs

No jobs at selected location

14. Assurance

demand arrow
high Demand
Here's how Assurance is used in Senior Information Security Analyst jobs:
  • Provide management oversight for team of fifty engineers and security analyst to provide support for Systems administration, and Information Assurance.
  • Evaluate, develop, and execute information assurance processes relating to certification and accreditation.
  • Perform on-site and/or off-site Information Assurance support to JITC including vulnerability assessments.
  • Evaluated and assessed compliance with established information assurance policies and regulations.
  • Provided Information Assurance and Computer Network Defense.
  • Implement Information Assurance policies for all IT resources for both Unclassified and Classified systems for multiple systems and over 15,000 users.
  • Provided Information Assurance (IA) support to the Deputy Director, Joint Staff J7 Information Assurance Manager (IAM).
  • Leverage expertise in Windows Active Directory, Information Assurance and Cisco in operating, maintaining and repairing networking equipment 6.
  • Develop an Information Assurance and Security program for Military OneSource (MOS) agency reporting directly to the Govt.
  • Developed and implemented standardized information assurance procedures and updated policies for networks in the Middle East and Southwest Asia.
  • Assist with all aspects of the Information Assurance Vulnerability Management (IAVM) and remediation processes and reporting.
  • Functioned as Information Assurance Officer, providing technical and programmatic IA support to SIPR REL/FED DMZ Engineering Program.
  • Participated in Quality Assurance (QA) auditing of policy procedure development.
  • Selected as team's lead technical quality assurance reviewer for all packages.
  • Staff position in FORTUNE 20 enterprise-wide Information Protection & Assurance Group.
  • Developed the Information Assurance Strategy for the Business Unit.
  • Supported Information Assurance and Certification and Accrediation for strategic business objectives in support of division milestones and strategic alliance reviews.
  • Supported customers on pre-assessment of security functions and assurance requirements of their products for the CC evaluation.
  • Oversee quality assurance of all customer deliverables in compliance to ISO 9001.

Show More

4 Assurance Jobs

No jobs at selected location

15. System Security

demand arrow
average Demand
Here's how System Security is used in Senior Information Security Analyst jobs:
  • Review the system security categorization, risk assessment and security plan, and make recommendations to address significant deficiencies.
  • Assess assigned systems to determine system security status and ensure adherence to security policy, procedures and standards.
  • Train users and promote security awareness to ensure system security and to improve server and network efficiency.
  • Configure and implement changes to system security parameters and third party security products to meet security needs.
  • Provided system security for electronic data communications, network and data security, electronic commerce.
  • Interfaced with government agencies to implement information system security mechanisms & requirements.
  • Performed technical and physical security evaluations of information system security safeguards.
  • Developed and implemented all corporate information system security policies and procedures.
  • Collaborate on solutions to mitigate risks and enhance system security.
  • Performed the duties of an Information System Security Officer (ISSO) in support of the Trailblazer Project.
  • Advised CIO how to improve design, system security plans, and emergency operations plans.
  • Provided Information System Security Officer (ISSO) support to System Owners at the USPTO.
  • Involved in merger and acquisition projects to provide support from system security perspective.
  • Update, maintain and deliver annual System Security Plans.
  • Develop and maintain the System Security Plan.
  • Assessed and tested system security controls.
  • Prepare and review system security plans.

Show More

11 System Security Jobs

No jobs at selected location

16. SOX

demand arrow
average Demand
Here's how SOX is used in Senior Information Security Analyst jobs:
  • Supported all audit inquiries and facilitated data gathering and ensured compliance with SSAE3402, SOX, PCI and client related audits.
  • Supported internal and external audits and compliance efforts, including SOX, numerous client audits, and vendor performance reviews.
  • Provided IT security audit support and remediation of SAP, Oracle, Unix, and DB2 for SOX initiatives.
  • Worked with internal and external auditors (KPMG) for SOX compliance of IP Oracle and TLS DB2.
  • Developed and wrote 24 new security policies and procedures in support of the annual SOX/PCI Audit.
  • Support audit activities sponsored by internal, retained, or external audit areas(SOX).
  • Reviewed and provided input to SOX Controls for the logical access control Oracle and DB2.
  • Developed a SOX reporting metrics and monthly reporting to senior management on SOX Compliance status.
  • Provided Internal Audit Work for SOX, Finance, and Operational Audits at LPL Financial.
  • Audit preparation for compliance regarding Sarbanes-Oxley (SOX) and SAS70 protocols, HIPAA compliance.
  • Researched, tested, and implemented new security products to be GLBA and SOX compliant.
  • Lead the organization through internal and external audits for IT SOX compliance.
  • Worked with terminations and audits for role-based access to meet SOX/SAS70 requirements.
  • Led SOX testing team and provided results to external and internal audit.
  • Worked on refining the COSO/COBIT based SOX control requirements.
  • Participated in SOX and PCI compliance security management.
  • Assisted in the completion of GLBA, SOX 404, FFIEC, and internal audit compliance items, as needed.
  • Implemented and administered TripWire, Conducted 4 hands on network penetration scanning and vulnerability assessment to validate SOX/PCI compliancy.
  • Provide support to other non-SOX team to cover special projects Participate as a team member on highly complex projects.
  • Identify, track and remediate deficiencies Share knowledge across the SOX and Internal Audit organizations, as appropriate.

Show More

22 SOX Jobs

No jobs at selected location

17. Fisma

demand arrow
average Demand
Here's how Fisma is used in Senior Information Security Analyst jobs:
  • Perform FISMA continuous monitoring related activities.
  • Performed FISMA continuous monitoring-related activities.
  • Provide Federal Information Security Management Act (FISMA) and Office of Management and Budget (OMB) guidance and support.
  • Utilized NIST 800-37 rev1 Risk Management Framework (RMF) to ensure that systems were compliant with FISMA requirements.
  • Created test cases in compliance with FISMA and mapped to root guidance provisions stated by NIST SP800-53/IRS manuals.
  • Advance knowledge of Department of Defense, Department of State, NIST and FISMA policies and instructions manuals.
  • Lead over 20 FedRAMP, FISMA and NIST compliance auditing assessments over the course of three years.
  • Produced the annual FISMA report for the Chief Information Officer's (CIO) office.
  • Monitor, track and manage FISMA's compliance for the multiple agencies' IT systems.
  • Coordinated Federal Information Security Management Act (FISMA) tracking and reporting.
  • Reviewed and applied FISMA requirements, NIST recommendations and ISO/IEC 27001 standards.
  • Examined FISMA and OMB documentation for potential revisions.
  • Prepared responses for quarterly and annual FISMA reporting.
  • Plan and conduct FISMA and FedRAMP assessments.
  • Implemented security using DoD 8500 Series, DIACAP, FISMA, FIPS, NIST C&A and IAVA.

Show More

26 Fisma Jobs

No jobs at selected location

18. Cyber

demand arrow
average Demand
Here's how Cyber is used in Senior Information Security Analyst jobs:
  • Support flagship projects with expertise in security, CyberArk tool set, and other technologies as needed.
  • Led and participated in enterprise cyber intelligence steering committee, projects and initiatives.
  • Project Cyber Security Engineer for Department of Defense information security and network systems.
  • Influenced and established strong relationships with public and private cyber security partners.
  • Developed cyber security policy and strategy for new applications and systems.
  • Establish the Organization Cyber Security Privacy Controls which cover over 5,000 users
  • Maintained relationships with industry partners and sources for cyber intelligence sharing.
  • Support the organization's security governance with a cybersecurity strategy.
  • Advise the Corporate Security\Management Committee in ranking cybersecurity risks.
  • Reviewed Cybersecurity legislation and GAO documentation.
  • Developed recommendations regarding Cyber /Terrorism defense.
  • Coordinate with state cybercrime police for implementing the program to educate and spread awareness of online crimes across the state.
  • Use a variety of Cyber Network Defense (CND) tools.
  • Monitor FAA National Air Space cyber operations.
  • Lead CIRT activities when Cyber Incidents arise.
  • Prepare FFIEC Cyber Security Tool.
  • Hired by Instinet to address cyber threat problems and vulnerability management matters that were similar to issues facing NY Fed.
  • Stay abreast all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories.
  • Briefed DHS/Site Mgrs provided cyber defense strategies recommendations.
  • Developed performance metrics from cybersecurity strategies, SOPs Documented cyber functions, process flows and tool requirements Supported Database Administrators documenting processes

Show More

20 Cyber Jobs

No jobs at selected location

19. Active Directory

demand arrow
average Demand
Here's how Active Directory is used in Senior Information Security Analyst jobs:
  • Perform security analysis of approved Active Directory Forest architectures based on applicable DoD and Army server configurations.
  • Provide additional access via Active Directory for users assigned to internal applications and databases.
  • Managed user and computer accounts within Active Directory.
  • Provided system administration of Active Directory environment.
  • Administer Active Directory DNS/AD Replication/Certificates.
  • Utilize Active Directory to create LAN profiles, folder creation, terminations, email accounts, global and local domains.
  • Developed a monthly audit process pulling data from HR & Active Directory into SQL with custom defined queries.
  • Verified Active Directory changes & approvals for, Users, Groups, Machines, & Network-Shares.
  • Review Active Directory audit alarms to ensure administrative privileges are only granted to the appropriate accounts.
  • Integrated ACS with Active Directory so that access and authorization to network devices was centralized.
  • Served as Project leader of the Active directory Design for the new SCADA system.
  • Monitor Windows Active Directory 2003 and Network projects that pertain to Information Security.
  • Monitored and maintained Active Directory infrastructure with 7,500+ local and remote users.
  • Managed Quest4 change auditor and reporter for Active Directory.
  • Installed and configured Phone Factor for two-factor authentication with Active Directory synchronization for Citrix remote access.
  • Provided support on all systems including, Mainframe, AS400, LAN/WAN, Novell NT, Active Directory.
  • Provided systems administration support for Windows Active Directory and Novell LAN networks systems.

Show More

2 Active Directory Jobs

No jobs at selected location

20. Intrusion Detection

demand arrow
average Demand
Here's how Intrusion Detection is used in Senior Information Security Analyst jobs:
  • Worked to identify and analyze security threats using intrusion detection and network monitoring tools and acts upon that information.
  • Subject matter expert for activities related to Vulnerability Management, Compliance Monitoring, Security Auditing/Logging, and Intrusion Detection.
  • Performed a risk based evaluation of company wide network intrusion detection, log collection and analysis capabilities.
  • Reviewed CID information systems and IAVA procedures relating to criminal activity/intelligence/ military IP intrusion detection analysis.
  • Developed content for Renoir SIM program detecting behavioral events from network based intrusion detection sensors.
  • Monitored intrusion detection / prevention systems, assisting with operations and configuration.
  • Performed real-time, daily and long-term network and host-based intrusion detection analysis.
  • Monitor Checkpoint firewalls for intrusion detection.
  • Managed a team of security consultants in the installation, and monitoring of LDAP-based authentication systems, and intrusion detection systems.
  • Research, design and implement risk based IT security systems to enhance Thomson Reuters' intrusion detection and mitigation capabilities.
  • Perform daily information security monitoring activities (log review, intrusion detection, open source monitoring, etc.)
  • Participate in the intrusion detection, change management, virus response, vulnerability assessment & incident response activities.
  • Managed and reports on intrusion detection systems to help prevent attacks and discover compromised systems across the network.
  • Investigated, tested and implemented Linux based Network Intrusion Detection Systems for NASA Langley Research Center.
  • Develop, test and operates intrusion detection systems, enterprise anti-virus systems and software deployment tools.
  • Deployed and managed Host Intrusion detection system and Security Configuration system (BindView).
  • Installed, configured, and maintained Intrusion Detection System.
  • Implemented & managed an intrusion detection system.
  • Web App Assessment Qualys Vulnerability Management Intrusion Detection Incident Response
  • Led maritime IP intrusion detection analysis special project providing models to identify Cyber terrorist's capabilities, methods, and strategies.

Show More

13 Intrusion Detection Jobs

No jobs at selected location

21. Security Awareness

demand arrow
average Demand
Here's how Security Awareness is used in Senior Information Security Analyst jobs:
  • Crafted custom security awareness strategy, which served as blueprint for implementing both strategic and tactical initiatives.
  • Leveraged / delivered internal communications to profile security awareness / compliance programs through business unit.
  • Advocated security awareness and instituted Security Awareness programs to all levels of management and staff.
  • Supported Compliance Office initiatives with security awareness, incident review, and ethics behavior promotion.
  • Lead several security awareness exercises that helped bolster our enterprise wide security awareness program.
  • Perform information security training, communications and security awareness activities for new employees.
  • Manage the creation and delivery of corporate security awareness materials and training.
  • Provided end-user security awareness training, leading to zero security violations.
  • Developed and maintain an Agency wide Information Security awareness program.
  • Organize the development and execution of firm security awareness programs.
  • Created and led Security Forums to promote security awareness & education
  • Planned, developed and wrote Security Awareness training materials.
  • Developed and implemented employee Security Awareness & Training program.
  • Assisted with development of IT security awareness program.
  • Contribute to and/or develops security awareness training (annual, monthly, event specific) for employees and contractors.
  • Conduct and present Security Awareness Training to the user community.
  • Led the development of a Security Awareness program.
  • Manage development, documentation and communication of security policies, technical standards and security awareness materials.
  • Developed new security webpage to assist users in security awareness, virus protection and phishing awareness.
  • Planned and implemented security awareness including multi-media messaging campaigns, and formal compliance training.

Show More

8 Security Awareness Jobs

No jobs at selected location

22. Network Security

demand arrow
average Demand
Here's how Network Security is used in Senior Information Security Analyst jobs:
  • Apply background in management of various system and network security controls to provide third-party assessments of organization s information assurance readiness.
  • Performed network security engineering, design and support in an enterprise class environment.
  • Perform complex product evaluation, recommend and implement products/services for network security.
  • Monitor health of network infrastructure, including management of network security solutions.
  • Led and participated in day-to-day information for the Network Security Operation Center (NSOC).
  • Mentor younger members of network security group in new IDS troubleshooting and security design procedures.
  • Use appropriate and effective measures to respond to network security alerts.
  • Assist with the design and management of the network security infrastructure.
  • Provide 24/7 support for both SAP and Network security and access.
  • Evaluated NetWitness, Niksun, and NetScout network security appliances for risk management, quality control, and assurance issues.
  • Perform vulnerability and baseline scans on the client network using Retina Network Security Scanner (RNSS) and Nessus.
  • Key Accomplishments: Enhanced network security, utilizing WPA/TKIP, WPA2/AES, Checkpoint firewalls, and Cisco ACS.
  • Led $1.5M network security refresh for Ceridian as Principal Engineer.
  • Provide Network Security for the company through Novell ConsoleOne.

Show More

16 Network Security Jobs

No jobs at selected location

23. ISO

demand arrow
average Demand
Here's how ISO is used in Senior Information Security Analyst jobs:
  • Generate key insights and digest information for Target information security directors and CISO.
  • Developed information security policy and standards framework based on ISO 17799.
  • Perform Risk assessments on all technology components and business operations and recommend controls to ensure compliance with NIST and ISO standards.
  • Led small team of on-site information security professionals, chosen as FISMA security team lead for contractor's OCFO Federal ISO.
  • Act as a liaison and FI advocate by working with other functional areas to coordinate cross-functional and corporate-wide efforts.
  • Served as IT liaison for all audit related activities, including PCI, SOX, and HIPAA.
  • Review servers, networking devices and system configuration for PCI DSS, ISO27001 and HIPAA compliance.
  • Designed and implemented a Risk Management Framework derived from NIST and ISO standards.
  • Closed incident tickets in OCISO's automated system (RiskVision).
  • Act as the Information Security liaison for the various corporate affiliates.
  • Served as a liaison between all business departments and IT security.
  • Lead the CISO security metrics team.
  • Participate as a subject matter expert and or information security lead during HIPPA and ISO 27001 regulatory auditscertification processes.
  • Delivered presentations to CISOs, IT Operations Managers and other senior management
  • Represented security operations team in change control process and provided ISO/IEC [ ] guidance to cross platform teams.
  • Acted as liaison between the IT Security department and its business partners for projects and knowledge transfer.
  • Provide support to Network Operations and Software Development teams to meet Theater and Garrison Warfighter missions.
  • Key Contributions: Created vendor security assessment surveys, based on ISO 17799.
  • Aligned IT Security Policy to ISO 17799 framework.
  • Worked with the CISO to build an IT Security department at a growing healthcare organization in the Hudson Valley.

Show More

28 ISO Jobs

No jobs at selected location

24. Hipaa

demand arrow
average Demand
Here's how Hipaa is used in Senior Information Security Analyst jobs:
  • Developed and deployed numerous information systems security policies in preparation for federal HIPAA compliance
  • Delivered services that meet HIPAA Privacy and Security specifications.
  • Provide Information Security Risk posture that complies with various regulative requirements such as HIPAA, PCI, Privacy Requirements, etc.
  • Tasked with identifying security deficiencies while assisting with internal audits for SOX, HIPAA, GLBA, and SSAE No.
  • Manage all IT risk-related activities to include suppliers, policy exceptions, and regulatory requirements such as HIPAA and NIST.
  • Participate in IT security audit activities both internal and external, ensuring compliance to Federal regulations; HIPAA and GLBA.
  • Provide consulting on Security Program security strategic plan, security risk assessments, PCI DSS, and HIPAA reviews.
  • Provided training to the departments and project teams on security compliance requirements including internal policies and HIPAA regulations.
  • Conduct IT security audit activities ensuring compliance to Federal regulations; HIPAA, PCI-DSS, GLBA.
  • Supported major compliance efforts such as FISMA, PCI and HIPAA compliance violations.
  • Developed and maintained processes to comply with HIPAA regulations and PCI standards.
  • Created policies and procedures for hospital's HIPAA and SOX compliance.
  • Provided security guidance to managers and staff related to HIPAA practices.
  • Experience working with PCI and HIPAA investigations/incidents.
  • Serve as HIPAA and IT Security expert on the IT Compliance and Information Security team.

Show More

1 Hipaa Jobs

No jobs at selected location

25. IDS

demand arrow
average Demand
Here's how IDS is used in Senior Information Security Analyst jobs:
  • Performed advanced anomaly detection and analysis of the internal/external DMZ environments utilizing IPS & IDS, and implemented corrective actions.
  • Implemented updates and security patches to security applications and RealSecure IDS systems.
  • Tuned IDS rules based on incoming traffic and proactive discovery of potential threats that were applicable to the specific environment.
  • Key team member involved an effort implement a defense in depth IDS/IPS (Intrusion Detection System/Intrusion Prevention System) solution.
  • Monitored and audited the Intelligent Agent Security Module (IASM) Intrusion Detection Systems (IDS).
  • Create, modify, and delete user ids on one or more domains within the enterprise.
  • Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
  • Utilized QRADAR for internal and External IDS, in addition to Cisco IPS.
  • Implemented, configured and maintained SNORT IDS system.
  • Performed daily monitoring of RealSecure IDS system.
  • Streamlined reporting and remediation of IDS incidents.
  • Designed firewall and IDS architecture.
  • Monitor and analyze network traffic for IPS, IDS, HIDS, and SEP events.
  • Authored a REXX userid reset tool for use by the global help desk to allow resetting and resuming user ids.
  • Implemented First IDS: Implemented the first Intrusion Detection System at Instinet for US, UK, and Tokyo.
  • Background and Scope: Defined the operating procedures for security monitor, IDS operation, and event escalation.
  • Monitor, research, and document Dell Secureworks IDS network alerts/logs.
  • Lead for IBM (ISS) RealSecure Network (NIDS) and Host Based Intrustion Detection (HIDS) system deployment.
  • Web Server, Content Server, IDSes, Firewalls, etc.
  • Use the following IDS software Fidelis, Fireeye, SourceFire, and ArcSight to identify possible threats to the network.

Show More

5 IDS Jobs

No jobs at selected location

26. Siem

demand arrow
average Demand
Here's how Siem is used in Senior Information Security Analyst jobs:
  • Managed central logging SIEM infrastructure and security alerting.
  • Managed PCI Compliance for Corporate & Point of Sale (POS) Credit card environments, using SIEM Compliance tool.
  • Upgrade and operation of the SIEM processing events from various security application and devices deployed throughout the Federal Reserve System.
  • Review security events that are populated in a Security Information and Event Management (SIEM) system.
  • Create new SIEM content and rules to help identify important security incidents and events.
  • Support Security Information and Event management (SIEM).
  • Recommended and deployed DNS logging using McAfee SIEM collectors.
  • Monitor and respond to McAfee SIEMS alert.
  • Monitor SIEM for events and/or anomalies.
  • Project managed and responsible for coordinating the implementation the corporate SIEM system, Splunk for Enterprise Security.
  • Facilitate enterprise wide SIEM (QRadar) implementation.

Show More

23 Siem Jobs

No jobs at selected location

27. Security Tools

demand arrow
average Demand
Here's how Security Tools is used in Senior Information Security Analyst jobs:
  • Responded to information security-related inquiries using information security tools/procedures.
  • Tested, evaluated and recommended security tools/products to enhance infrastructure security controls.
  • Participate in various proofs of concepts workshops for the enterprise security tools such as McAfee DLP and E-Discovery forensic solutions.
  • Researched and tested Linux based open source security tools.
  • Identified and implemented Information/Cyber Security tools.
  • Train helpdesk on how to use security tools.

Show More

28. Security Requirements

demand arrow
average Demand
Here's how Security Requirements is used in Senior Information Security Analyst jobs:
  • Developed, updated and maintained efficient agency-wide policies and procedures to ensure IT practices are compliant with government and security requirements.
  • Review security requirements and subsequently review systems to determine if they have been designed and established to comply with established standards.
  • Analyze client needs and current security regulations and guidelines to determine and address information security requirements.
  • Analyze and addresses customer security requirements for all business applications existing on a distributed platform.
  • Develop project-specific policies, procedures, and execution strategies to implement government security requirements.
  • Work closely with legal partners providing guidance during negotiating security requirements with vendor.
  • Analyzed security requirements for proposed system changes and evaluated secure solutions.
  • Researched, drafted and proposed IPv6 protocol threats, mitigation techniques and security requirements for future IPv6 roll outs and builds.
  • Analyzed new security requirements and implement the proper roles and permissions on the basis of best practices.
  • Implement security requirements for Software, Storage, Performance, Automation, Network and Database teams.
  • Evaluate new security software and hardware tools to ensure it meets company security requirements.
  • Aligned information security requirements with the business and IT policies and procedures.
  • Assist in defining security requirements for new projects.
  • Project lead for the development of MOSS (Microsoft Office SharePoint Server) 2007 Portal for the security requirements repository.
  • Ensured projects included security requirements throughout the lifecycle of the project.
  • Negotiate SOWs, RFPs, MSAs and security requirements for vendor agreements.

Show More

18 Security Requirements Jobs

No jobs at selected location

29. Security Incidents

demand arrow
average Demand
Here's how Security Incidents is used in Senior Information Security Analyst jobs:
  • Applied forensic investigation techniques to document root cause and impact of detected computer security incidents.
  • Worked with human resources and internal security departments to facilitate response to internal security incidents.
  • Provided assistance to establish an approved process for handling security incidents or vulnerabilities.
  • Worked with cross-functional Security Incident Response Team in resolving security incidents.
  • Manage security incidents and/or be tasked with leading an investigation.
  • Investigate and respond to security incidents.
  • Analyze network and system intrusions, breaches and other information security incidents in support of IT security incident response plan.
  • Lead the Computer Emergency and Response Team for any security incidents that are not considered day to day.
  • Documented a reporting strategy to exhibit metrics for Patch Management, Security Incidents, and Anti-Virus.
  • Work security incidents dealing with phishing, client breaches, and store employee incidents.
  • Respond to major Security Incidents on a 24/7/365 Schedule.
  • Perform advanced incident response actions for cyber security incidents.
  • Investigated and analysed security incidents.
  • Mentored, trained employees on SRR's, PCI, GLBA data Escalated Security Incidents to customers and discuss mitigation actions.
  • Improved the Cyber Security Incidents tracking efficiency by 50% by establishing tracking mechanisms and providing enterprise level over site.
  • Used Splunk as a tool for investigating security incidents, and IT security auditing.
  • Respond to and provide cyber-forensic support for information cyber security investigations as well as on-call response for cyber security incidents.

Show More

18 Security Incidents Jobs

No jobs at selected location

30. Security Standards

demand arrow
low Demand
Here's how Security Standards is used in Senior Information Security Analyst jobs:
  • Performed detailed application and system assessments to determine vulnerabilities and ensure compliance with all security standards and guidelines.
  • Defined baseline security standards and contributed to the development of an enterprise Security Configuration Management program.
  • Design, implement and monitor servers, networking devices and system configurations according security standards.
  • Implemented controls for monitoring corporate compliance with policies, procedures and security standards.
  • Performed vulnerability checks of systems to ensure they were within security standards.
  • Planned and implemented application and system security standards, and configuration compliance.
  • Developed operating system and network security standards documents for existing customers.
  • Developed scripts and monitored server/database/network compliance to Information Security Standards.
  • Co-authored standardization of ACF2 data security standards.
  • Evaluate, developed, and implemented security standards, procedures, and guidelines for multiple platforms and diverse systems environments.
  • Researched, installed and configured perimeter security software (firewalls, IDS, VPN) and network security standards.
  • Performed a risk assessment of firm's virtual infrastructure and developed security standards to protect firm's data.
  • Led the effort to apply common security standards and controls between three separate mainframe environments.
  • Created and implemented focused IIS 6.0 security standards and hardening procedures across the enterprise.
  • Analyze code against industry best practices and federal security standards to ensure compliance.
  • Protected veteran personal and health information following PII and PHI security standards.
  • Implement security standards and compliance and perform annual review of the standards.
  • Migrated new accounts using ACF2 data security standards.
  • Establish core information security policy frameworks in accordance with renouned security standards such as ISO27K, SANS, etc.
  • Ensured compliance with Marriott Security standards and PCI requirements.

Show More

8 Security Standards Jobs

No jobs at selected location

31. Nessus

demand arrow
low Demand
Here's how Nessus is used in Senior Information Security Analyst jobs:
  • Managed scanning tools to include, TENABLE, RETINA, NESSUS and GOLDDISK.
  • Review tenable Nessus vulnerability and compliance scans as part of security control assessments.
  • Performed vulnerabilities scans for Databases, Network, and Web Applications for different clients using Tenable Nessus and performed remediation.
  • Monitored and reported on patch and vulnerability status of the environment by leveraging Tenable's SecurityCenter (Nessus).
  • Performed risk assessments to ensure corporate and Government compliance utilizing tools from Tenable such as Nessus and Security Center.
  • Managed the vulnerability scanning (ISS, Nessus, WebInspect) Led the security incident response team.
  • Conducted technical analysis of networks using tools such as Retina, Nessus, and Core Impact.
  • Establish and created security controls, compliance/auditing benchmarks used in Nessus scans.
  • Analyze Tenable Nessus and Lumension PatchLink quarterly vulnerability scans to determine trends in system weaknesses.
  • Used Nessus, SAINT and HP Webinspect vulnerability scanning tool suites for continuous monitoring, security assessment and resolving POAM issues.
  • Configured and scanned 36,000 desktops using Nessus and nCircle identifying vulnerabilities and engaging the appropriate teams for remediation.
  • Performed vulnerability checks using DoD intrusion detection tools DISA Gold, eEye-Retina, Nessus 5 and SMS.
  • Functioned as the business product/process consultant for PCI vulnerability management using Qualys, Foundstone, and Nessus.

Show More

4 Nessus Jobs

No jobs at selected location

32. Linux

demand arrow
low Demand
Here's how Linux is used in Senior Information Security Analyst jobs:
  • Configured Linux system to securely back up configuration nightly.
  • Configured a Linux server to collect, compress, and store for 90 days.
  • Installed and configured Cornerstone MFT server to replace the existing Linux SFTP server.
  • Provide User access to Linux servers or groups based on their role.
  • Utilized NTOP, CIFS, and many other Linux utilities and services.
  • Analyzed and processed Windows, Linux, & mobile systems.
  • Build and manage/maintain Linux and windows clusters.
  • Network diagnostic using linux tools to determine latency, packet loss and maximum throughput for remote DREN networks.
  • Installed, configured and administered all Linux systems for the IT Security group.
  • Remediated potential Infections or Policy Violations on a Variety of Platforms such as Windows, Linux and Solaris.

Show More

2 Linux Jobs

No jobs at selected location

33. Data Privacy

demand arrow
low Demand
1 Data Privacy Jobs

No jobs at selected location

34. Mcafee

demand arrow
low Demand
Here's how Mcafee is used in Senior Information Security Analyst jobs:
  • Led McAfee-Endpoint Encryption server configuration and installation project.
  • Updated McAfee products via SDLC process to provide the highest level of security without impacting the user experience.
  • Provided enterprise protection through execution of McAfee Active Virus Defense Suite EPO.
  • Managed vendor relationships for RSA enVision, Tripwire Enterprise, WebSense, and McAfee VirusScan Enterprise.
  • Monitored malicious activity using McAfee ePO's dashboards, automatic responses (alerts) and reports.
  • Purchased and installed Mcafee's full disk endpoint encryption product.
  • Utilized McAfee's approach to PCI Compliance by recommending Foundstone, ePO 4.0, and HIPS.
  • Monitor and review McAfee ePolicy Orchestrator malware alerts.

Show More

1 Mcafee Jobs

No jobs at selected location

35. Business Units

demand arrow
low Demand
Here's how Business Units is used in Senior Information Security Analyst jobs:
  • Engaged major business units to partner on information risk strategic initiatives which resulted in the business units accepting risk management responsibility.
  • Interfaced closely with internal business units, departmental contacts, and other contacts in support of achieving IT security operational objectives.
  • Prepared and presented risk assessment reports and recommendations to reduce information security risks to system owners and business units.
  • Worked with multiple business units to assess and evaluate applications and systems helping to establish effective security baselines.
  • Review and monitor enterprise service requests ensuring business units are following proper approval processes and service goals.
  • Assist business units identify and correct access deficiencies and related control deficiencies.
  • Provide information security guidance and recommendations to various business units.
  • Assisted business units in security policies measured compliance.
  • Provide security guidance or expertise to other business units and Network Operations Center (NOC) analysts for tickets or events.
  • Resolved Check Point firewall issues brought forward by other IT teams, business units, end users, and other stakeholders.
  • Worked closely with Internal/External auditors and management of various business units to analyze resources for SOX and Data Privacy compliance.
  • Assisted with cross-functional steering committee including members from Legal, Human Resources, Audit, and other key business units.
  • Work with members of all business units and staff to support the enterprise approach to security.
  • Schedule kick-off calls with various business units, present materials and provide feedback while addressing questions.
  • Interact with and work through many various business units to accomplish outsourcing security goals.
  • Liaised with business units to track remediation efforts and produce correction / remediation plans.
  • Consulted with business units to secure data and insure compliance.
  • Worked with vendors and business units to resolve SOX deficiencies.

Show More

36. Unix

demand arrow
low Demand
Here's how Unix is used in Senior Information Security Analyst jobs:
  • Mitigated security risks within the Unix environment by installing and maintaining application layer software to help manage Unix security risks.
  • Provided C&A to multiple DoD projects * Provide SME experience for the hardening and accreditation of Unix-based systems.
  • Developed and maintained various Unix (BSD) shell scripts to automate routine firewall and perimeter device monitoring tasks.
  • Supported security infrastructure including security devices, Windows, Unix, Linux, switches, firewalls and network devices
  • Used CIS and NSA benchmarks to secure Windows and UNIX operating systems used on systems being assessed.
  • Lead analyst in support of Enterprise wide patch management committee for Windows and Unix flavors.
  • Subject matter expert for security best practices on Unix/Linux based platforms.
  • Create Access Roles for new team in BoKS UNIX environment.
  • Maintained ESM on High Risk servers on Unix and Wintel servers.
  • Managed the review of log output for security reports from Foundstone, enVision and SU&SUDU Unix log reviews.

Show More

1 Unix Jobs

No jobs at selected location

37. VPN

demand arrow
low Demand
Here's how VPN is used in Senior Information Security Analyst jobs:
  • Designed, implemented and managed perimeter security utilizing Checkpoint Firewall-1 technology and VPN services for corporate and fielded locations.
  • Supported the organization with AD (Active Directory) and VPN investigations and possible access attempts by former employees and hostile terminations
  • Troubleshooted, and maintained 20 VPN sites worldwide to ensure minimal down time and 100% carrier monitoring.
  • Provided end-user support involving installation, configuration and troubleshooting of remote VPN clients and issues for different platforms.
  • Upgraded VPN remote access via RSA tokens with Digital certificates.
  • Secure VPN connections design and implementation.
  • Established ISO 17799 compliant security polices including Acceptable Use, Email, Password, Wireless, and VPN.
  • Executed Remote client and Site-to-Site VPN using Cisco's 3030 Concentrator with Zone labs Integrity Server.
  • Configured LAN-to-LAN and client VPNs for medical professionals and CNMC business partners.
  • Assisted in migration of VPN concentrators to new project.

Show More

38. Security Posture

demand arrow
low Demand
Here's how Security Posture is used in Senior Information Security Analyst jobs:
  • Enhanced internal security posture though raising internal awareness, identifying and reporting gaps while driving vulnerability remediation or mitigation.
  • Implemented mandatory use of two-factor authentication, an essential tool in testing vendor-supplied appliances needed to increase security posture.
  • Researched industry practices/solutions and evaluated new technologies in IT security; recommended solutions regarding current security posture.
  • Developed an interactive security dashboard tool utilizing Excel/VBA, which enabled security posture improvements.
  • Evaluated software packages and documented security posture of those products.
  • Design, deploy, and support end-to-end peer review and security posture application designed to process grants annually.
  • Major contributor to infrastructure re-architecture, improving security posture and saving the company over $40,000 per year.
  • Designed and managed targeted policies, procedures, and projects to enhance the overall security posture.
  • Evaluate and recommend security products that enhance the corporate security posture and increase current resource throughput.
  • Provided weekly reports and presentations to management on the security posture of the environment.
  • Strengthened organizational IT security posture by using Nmap to identify additional system vulnerabilities and advised on resolution approaches.

Show More

11 Security Posture Jobs

No jobs at selected location

39. Application Security

demand arrow
low Demand
Here's how Application Security is used in Senior Information Security Analyst jobs:
  • Train developers and application teams while providing guidance on relevant application security industry standards and practices.
  • Defined and conducted assessments for operating systems, application security, and physical security.
  • Conducted proof of concept reviews on potential application security software initiatives.
  • Implemented application security in different phases of Software Development Life Cycle.
  • Attended to all application meetings where Application Security is pertinent.
  • Administrated the company Application Security training and education program.
  • Plan, implement, execute and mitigate vulnerabilities through the use of an application security testing tool.
  • Managed communications and relations between the Application Security team and the rest of the company.
  • Serve as SME for application security requirements.
  • Maintain and audit documentation of application security exceptions for regulatory compliance Document all application security activities for regulatory compliance.

Show More

8 Application Security Jobs

No jobs at selected location

40. DOD

demand arrow
low Demand
Here's how DOD is used in Senior Information Security Analyst jobs:
  • Verify documentation for compliance with current DoD policy initiatives and provide appropriate feedback and mitigation strategies.
  • Configured (lock down) entire systems per DoN/DoD requirements and industry best practices, mitigating risk and documenting know vulnerabilities.
  • Use DA and DoD electronic online repositories, including CHESS, APLITS etc., to ensure hardware and software are authorized.
  • Assisted ODAA in migrating C&A activities from DITSCAP to DICAP and implementing DoD provided automated C&A tools.
  • Issue, revoke, renew and recover certificates for the Common Access Card CAC/PKI office in compliance with DoDI 8520.2.
  • Compiled and organized all DoD requirements relevant to each system within a test event to ensure configuration compliance.
  • Managed & installed IAVA update patches to the servers and network using proper DOD procedures and security.
  • Execute training sessions with new PKI specialist utilizing DoD practices, policies, procedures and standards.
  • Monitored the health and welfare of the DOD networks and identified suspicious and malicious activities.
  • Possess strong knowledge and familiarity DoD and NIST IA policies and risk assessment methodology.
  • Performed software updates on DOD servers, laptops and SATCOM equipment for satellite networks.
  • Verify users IA training and certifications are in compliance with DoD 8570.
  • Create ASCL token lifecycle tracking records and DoD PKI ASCL pins and unlock codes
  • Tracked events and incidents for DOD Service and Regional CERTs.

Show More

4 DOD Jobs

No jobs at selected location

41. Governance

demand arrow
low Demand
Here's how Governance is used in Senior Information Security Analyst jobs:
  • Tested customer networks for vulnerabilities and provided Governance and Risk Compliance analysis reports.
  • Coordinate the development of processes to support security governance.
  • Influence Information Security Governance development and security program scope.
  • Provide leadership to business, IT and other Information Security clients in creation of new IT policies and IT Governance.
  • Lead resource in security governance and policy efforts which helped the organization achieve ISO 27001 certification.
  • Contributed to IT Governance and Security Governance Board in setting agenda and Risk governance process.
  • Facilitate PCI annual assessment using Enterprise Governance, Risk & Compliance tool Archer.
  • Provide guidance to business and technical teams to implement Access Governance practices.
  • Provide direction and training to others in the Governance and Security Department.
  • Establish and advise on governance processes of the organization's security strategies.
  • Create presentations to demonstrate the deliverables and goals of the Unstructured Data Governance initiative.
  • Review Access Governance practices to ensure accordance with Information Security polices and standards.

Show More

27 Governance Jobs

No jobs at selected location

42. Security Issues

demand arrow
low Demand
Here's how Security Issues is used in Senior Information Security Analyst jobs:
  • Assisted system stewards to document and mitigate identified security issues (including requirements for security authorization).
  • Promote awareness of security issues among management and ensuring sound security principles.
  • Monitor and analyze vulnerability management tools to identity security issues for remediation.
  • Communicate with all levels of the business regarding security issues while ensuring that the firm's information assets are properly protected.
  • Investigate, document, and report on information security issues and emerging trends.
  • Assess threats, risks, and vulnerabilities from emerging security issues.
  • Advised C-level Executives on security issues and threats.
  • Provide escalation path for information security issues, incidents and enquiries.

Show More

17 Security Issues Jobs

No jobs at selected location

43. Internet

demand arrow
low Demand
Here's how Internet is used in Senior Information Security Analyst jobs:
  • Designed Firewall and Border Gateway Router architecture for E-commerce and General Internet Gateways.
  • Implemented configured and maintained IPRISM Internet Monitoring system.
  • Create company policies & procedures governing corporate security, email & Internet usage, access control, and incident response.
  • Conduct Trusted Internet Connection (TIC) assessment in accordance with DHS standards, and TIC CCV workbook security controls.
  • Evaluated security risks of internet facing Outlook Web Access and formulated solutions based on risk level.
  • Conducted on-site security reviews of the 1st Internet bank.
  • Improved efficiencies by documenting departmental processes and security rules, including the proxy server rules associated with Internet exclusions.

Show More

44. POA

demand arrow
low Demand
Here's how POA is used in Senior Information Security Analyst jobs:
  • Experience in writing and executing test cases, POA & M's and policies.
  • Review (POA&M) and enforce timely remediation of audit issues.
  • Managed POA&M remediation.
  • Prepare and manage Corrective Action Plans (CAP) and Plans of Actions and Milestones (POAM).
  • Analyze and report on the status of POA&M items.
  • Compiled Plan of Actions and Milestones (POA&M).
  • Work with agency liaisons, providing accurate, up-to-date POAM information for their bi-weekly meetings and ad-hoc briefings.
  • Documented and maintained system level and program level plan of action and milestones (POA&Ms).
  • Developed, entered and monitored POA&Ms in Trusted Agent FISMA (TAF).
  • Provided finding and recommendation, prepared POAM&Ms.
  • Establish a process to track remedial actions (POA&Ms).
  • Managed POA&Ms via the Department of Justice (DOJ) Cyber Security Assessment and Management (CSAM) tool.
  • Develop Plan of Actions and Milestones (POAMS) and Corrective Action Plans (CAPs) to remediate audit findings.

Show More

4 POA Jobs

No jobs at selected location

45. RSA

demand arrow
low Demand
Here's how RSA is used in Senior Information Security Analyst jobs:
  • Worked RSA Archer GRC tools to manage and track vulnerabilities, corrective action plans, remediation status and overall risk posture.
  • Purge classified and unclassified hard drives using the Army Universal Purge Tool (UPT).
  • Reviewed and assessed applications for gaps using custom questionnaires built within RSAM for application assessments.
  • Solved numerous problems with the program working closely with RSA engineers.
  • Trained over 200 Help Desk support staff on RSA SecurID administration.
  • Created RSA administration training manual for Help Desk support staff.
  • Project plan leader to upgrade RSA MFA system.
  • Perform daily administration of RSA SecurID.
  • Developed performance and regression tests that proved RSA 7 unsuitable for use and to certify RSA 8, now in Production.
  • Manage migration of risk assessment methodology to RSA Archer Manage system access and permissions to risk assessment tools and repositories.
  • Re-factored RSA 6 Auth Manager PERL-based tools to report, clean and maintain database of 140,000 RSA SecurID tokens world-wide.
  • Provide remote access through RSA Keyfob/Token access.
  • Review Firewall & load balancer change requests Manage and administer RSA envision for centralized log management of critical IT systems.

Show More

46. Arcsight

demand arrow
low Demand
Here's how Arcsight is used in Senior Information Security Analyst jobs:
  • Created correlated high-fidelity ArcSight channels based on multiple intelligence sources for real-time focused monitoring during high-priority incidents.
  • Help make custom Arcsight channels to drill down into potentially malicious or events that could cause damage to the network.
  • Assist the Arcsight Engineer create or suggest content filters within Arcsight to better find potentially malicious activity on the network.

Show More

2 Arcsight Jobs

No jobs at selected location

47. DLP

demand arrow
low Demand
Here's how DLP is used in Senior Information Security Analyst jobs:
  • Design and build a DLP incident management platform to centralize the remediation of files identified by the platform.
  • Optimize DLP rules to increase identification of sensitive data and reduce overall data exposure.
  • Assisted with desktop management and deployment of DLP agents and Antivirus updates.

Show More

48. Symantec

demand arrow
low Demand
Here's how Symantec is used in Senior Information Security Analyst jobs:
  • Assumed primary operational responsibility for Symantec DLP implementation
  • Utilized Symantec SII portal for signature analysis, event triangulation and correlation to reduce attack vectors.
  • Administered and supported the Symantec Endpoint Protection environment for over 6,000 clients and servers.
  • Develop Symantec DLP code that can identify incidents that exceed security risk levels.
  • Co-authored Symantec PCI - DSS ROC
  • Developed GnuPG output parser in PERL to provide Symantec PGP compliant views, minimizing retraining needed for CSC staff.
  • Served as the point of contact for Symantec and Infosec to advance IT maintenance and administration.
  • Installed and administered Symantec's Corporate Antivirus Suite on over 400 Windows & Novell servers.

Show More

49. Data Loss

demand arrow
low Demand
Here's how Data Loss is used in Senior Information Security Analyst jobs:
  • Implemented & managed an endpoint encryption/host data loss prevention environment.
  • Expand Data Loss Prevention (DLP) program to include all high risk applications, protocols, platforms, and devices.
  • Project management support for the implementation of a Data Loss Prevention (DLP) tool to protect confidential HAP member data.
  • Test and evaluate use cases during the on-boarding process for new DLP (Data Loss Prevention) tool.
  • Lead Data Loss Prevention team to create and review guidelines regarding critical data elements.
  • Assisted legal and contractual teams in resolving data loss incidents.
  • Manage the Enterprise Security Rule Management for Data Loss Prevention.
  • Review Data Loss Prevention logs for possible data loss.
  • Led efforts to established data loss prevention controls.
  • Implement Cyber Security practices within XPS by creating custom policies and reporting mechanisms to help prevent data loss and malware infection.

Show More

18 Data Loss Jobs

No jobs at selected location

50. SOC

demand arrow
low Demand
Here's how SOC is used in Senior Information Security Analyst jobs:
  • Provide technical guidance/training to information owners and IT associates.
  • Provided IT Compliance Advisory Services to various clients for SSA16 SOC1, SOC2 and SOC3 preparedness as well as External Audits.
  • Review threats and security events for the Customs and Border Protection's SOC/CSIRC and DHS SOC.
  • Develop, and manage implementation of a new hierarchical RACF group structure and associated naming conventions.
  • Acted as Local Registrar Authority (LRA) and maintained security files and associated records.
  • Created tools and resources to optimize the efficiency of the SOC's monitoring analysts.
  • Provided research and input for the development of the security architecture and associated policies.
  • Created the Business Continuity Plan for Managed Services in preparation for SOC 2 compliance.
  • Hired as associate level analysts with promotion to senior analysts after 1 year.
  • Assist in SOC evolution and act as resource for lower Tier SOC teams.
  • Operated in a 24X7 Security Operations Center (SOC).
  • Contracted to the Transportation Security Agency (TSA) SOC.
  • Review threats and security events for DHS SOC.
  • Reviewed pre-existing Application Projects, and technological documents associated with the projects.
  • Key Achievements: Completion of multiple business unit PCI DSS 3.2, ISO27002:2013 and SSAE16 SOC1 Type II audit engagements.
  • Provided evidence collection for SOX, SOC 2, in conjunction with Deloitte audits.
  • Review and recommend improvements in SOC workflow.
  • Facilitated SOC 2 engagements from initiation, evidence gathering, and testing to a successful "no findings noted" conclusions.
  • Deploy and maintain security monitoring tools including Tripwire, Scriptlogic, Websense, and IBM VSOC.
  • Assisted in the redesigned workplace to ensure best environment set-up for Helpdesk Associates.

Show More

Senior Information Security Analyst Jobs

NO RESULTS

Aw snap, no jobs found.

20 Most Common Skills For A Senior Information Security Analyst

Ensure Compliance

15.4%

Vulnerability Assessments

10.4%

Information Security Policies

7.3%

Risk Assessments

7.3%

Infrastructure

5.8%

Incident Response

5.4%

Nist Security Policies

4.6%

Information Technology

4.4%

PCI DSS

4.2%

Firewall

4.0%

Disa

3.4%

Architecture

3.4%

Security Assessment

3.4%

Assurance

3.3%

System Security

3.3%

SOX

3.2%

Fisma

2.9%

Cyber

2.9%

Active Directory

2.8%

Intrusion Detection

2.8%
Show More

Typical Skill-Sets Required For A Senior Information Security Analyst

Rank Skill
1 Ensure Compliance 9.9%
2 Vulnerability Assessments 6.7%
3 Information Security Policies 4.7%
4 Risk Assessments 4.6%
5 Infrastructure 3.7%
6 Incident Response 3.4%
7 Nist Security Policies 2.9%
8 Information Technology 2.8%
9 PCI DSS 2.7%
10 Firewall 2.5%
11 Disa 2.2%
12 Architecture 2.1%
13 Security Assessment 2.1%
14 Assurance 2.1%
15 System Security 2.1%
16 SOX 2.0%
17 Fisma 1.9%
18 Cyber 1.9%
19 Active Directory 1.8%
20 Intrusion Detection 1.8%
21 Security Awareness 1.7%
22 Network Security 1.7%
23 ISO 1.6%
24 Hipaa 1.5%
25 IDS 1.5%
26 Siem 1.5%
27 Security Tools 1.4%
28 Security Requirements 1.4%
29 Security Incidents 1.3%
30 Security Standards 1.3%
31 Nessus 1.3%
32 Linux 1.2%
33 Data Privacy 1.2%
34 Mcafee 1.2%
35 Business Units 1.2%
36 Unix 1.1%
37 VPN 1.1%
38 Security Posture 1.1%
39 Application Security 1.1%
40 DOD 1.1%
41 Governance 1.1%
42 Security Issues 1.0%
43 Internet 1.0%
44 POA 1.0%
45 RSA 1.0%
46 Arcsight 0.9%
47 DLP 0.9%
48 Symantec 0.9%
49 Data Loss 0.9%
50 SOC 0.9%
{[{skill.rank}]} {[{skill.name}]} {[{skill.percentageDisplay}]}%
Show More

18,118 Senior Information Security Analyst Jobs

Where do you want to work?

To get started, tell us where you'd like to work.
Sorry, we can't find that. Please try a different city or state.