Job Details

Email to Friend Save Back

Information Security Analyst

CHICAGO-60601, IL, US
07/02/2018

-

Required Skills

Microsoft Office applications

Company

Infinity Consulting Solutions, Inc

Experience

Job Description

Responsibilities:

Under the oversight of information security management or senior analysts direction, supports

The Information Security and Incident Response programs.

Applies industry knowledge of cyber security risks, threats, and controls to the environment.

Must be able to weigh business needs against security concerns and articulate issues to management.

Performs all procedures necessary to ensure the safety of information and to protect systems from intentional or inadvertent access or destruction.

Interfaces with the user community to understand their security needs and implements procedures to accommodate them.

Ensures that the user community understands and adheres to necessary procedures to maintain security.

Conducts security evaluations of systems, vendors, and processes.

Requires some knowledge of firewall theory and configuration.

Reports to the Information Security Manager.

Execute various security controls and testing

Gather, prepare, develop security metrics / compliance, and ad-hoc reports

Strong Information Security Awareness Program skills that include preparing creative presentations, marketing education and providing training classes

Conduct security risk assessments of vendors, systems, processes, and new products

Manage Threat Intelligence, oversee Vulnerability Management process, and perform related data analysis

Conduct proactive security reviews (access reviews, terminations, appropriateness, dormant/generic accounts, inactive users, etc.)

Facilitate the management of security incidents and lead the Incident Response Team, in accordance with the Incident Response Program

Represent the Information Security Team on enterprise-level project teams

Monitor usage of company resources and data

Day-to-day management of Information Security policies and procedures

Participate in physical security walk-throughs

Projects, as delegated by the Information Security Manager

Technical writing abilities required

Qualifications:

3-6 years in Information Security or Risk Management positions within financial institutions

Pursuing CISSP (Certified Information Systems Security Professional) certification - preferred

Strong understanding of risk-based approach and risk vs. reward analysis

Strong analytical, problem solving, and trouble shooting skills

Robust and Creative communications skills, that includes written and verbal skills that support the ability to communicate with a variety of levels within the organization

Demonstrates strong knowledge and understanding of IT environments and operational functions

Strong Information Technology background

CRISC (Certified in Risk and Information Systems Controls) certification - preferred

Knowledge of Sarbanes Oxley, the Gramm-Leach-Bliley Act, PCI standards, and other regulations

Working experience with Data Loss Prevention systems, and Network Access Control systems

Working knowledge of standard industry Frameworks

Experience with vulnerability management and remediation, and wireless network security

Interpersonal skills and collaboration skills are critical in working with all levels of employees and management

Experience in driving change and delivering quantifiable results

Action oriented, quick learner, and strong work ethic

Proven ability to manage multiple high priority tasks simultaneously with the ability to prioritize

Takes ownership and ability to drive and measure continual improvement actions

Proactive leader and thinker, who is able to work independently under general direction

Proficient in using Microsoft Office applications

Consistently monitors and assesses programs performance, industry trends, and identifies specific gaps to ensure objectives are satisfied

Provides input and makes recommendations regarding the program and process enhancements

Continuously seeks ongoing feedback and keeps lines of communication open with peers and management

Third Party Applications Not Accepted