Product Analyst - Cybersecurity

Company: Istonish
Location: White Plains
Posted on: July 29, 2022

Job Description:

Job Description Our client, a large CPG company, has an exciting contract opportunity for a Product Analyst to design and implement IT security. This is a 12 month contract engagement. Work location is based out of White Plains, New York (hybrid 2-3 days in office). DESCRIPTION: Design and implement IT security for the client. Works closely with team members, end users, and other IT departments to design, implement, support, and maintain Vendor Management process, manage information security related audit requirements, and vulnerability management on our web presence. Security Analysts will monitor for changes in cyber/human activity, security application alerts, vulnerabilities, cyber threats, and then identify and communicate course of action for remediation. Responsibilities : -- Handle Cybersecurity components of the vendor management process end to end, from initial and periodical vendor Cybersecurity vetting, risk analysis of the potential purchased solution, and security amendments in the contract -- Enhance support and maintain the web application vulnerability program with various tools (Qualys experience a plus). -- Timely respond to security threats by initiating appropriate requests as well as managing team---s ticketing queue -- Project management skills and capability of managing multiple projects simultaneously as well as using standard tools -- Experienced with information security metrics, Excel dashboards or other data analysis tools (Power BI, Splunk etc.) -- Provide metrics and dashboards on all activities performed and documentation for status reports (KRI and KPI---s) -- BCP / DR extensive knowledge --- plan revisions, maintenance, testing -- Support and respond to audit procedures and findings. Ability to effectively adapt to rapidly changing technologies and apply them to business needs. -- Strong knowledge and understanding of business and business processes; strong business planning skills. -- Familiarity with Data Privacy legislation (GDPR, CCPA, LGPD, or other pending state specific privacy legislations) and understanding of Data Privacy concerns within the business environment. -- Knowledge of pertinent legal controls (PCI, HIPAA); understanding of compliance requirements and ability to convey that understanding to users, support staff and Management. -- Champion security policy and ---best practices--- within the business environment. -- Communicate and share Cybersecurity best practices with in non-technical terms with customers, employees, and management. Process & Projects: -- Technology processes, IT Platforms (Azure, Service Now, O365, vulnerability management, email filtering etc.), DR and BCP planning, and/or end users. -- Large scale cybersecurity project on premise, in the cloud or hybrid. -- Agile frameworks and delivery models Impact on Business Results: Security issues represent a critical challenge for businesses. As data breaches become increasingly common, even among the world's largest companies, maintaining the security and privacy of customers is a major concern for businesses and the IT organizations that support them. Benefits of IT security compliance for your business are avoiding fines and penalties, protecting business reputation, enhance data management capabilities, promotes operational benefits, supports access control and accountability. About you: Knowledge of: -- Applicable information security management, governance, and compliance principles, practices, laws, rules, regulations and frameworks NIST, ISO, PCI-DSS, HIPAA, Data Privacy, GDPR -- Information technology systems and processes, network infrastructure, data architecture, data processes, and protocols -- Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration -- Information systems auditing, monitoring, controlling, and assessment process -- Incident response management -- Risk assessment and management methodology. Skills and qualifications: -- Bachelor---s degree in Computer Science, Information Systems, Business Administration, Engineering, or other closely related field required. Or equivalent experience. -- 5 years of experience with system security is desired. -- 1 to 2 years of experience in the administration of IT devices and networking. Network Administration and Network Security experience a plus -- CompTIA - Security preferred. Other certifications CISM, CISA, CISSP a big plus -- Deep understanding of Windows security, Active directory, Group policies, Network protocols. -- Rudimentary hands-on software and hardware configuration experience. -- Capability to interpret, understand and remediate penetration test results. -- Vulnerability management lifecycle skills -- ICS (Industrial controls systems), SCADA security experience a plus -- Deep understanding of NIST, ISO2700, PCI DSS, HIPAA, GDPR and Data privacy requirements and control mapping -- Business Process understanding (Distribution industry preferred) -- Understanding of Application flow (ability to interpret processing in a network computing environment) and Application security -- Excellent MS Excel skills on multiple topics: pivot tables, graphs, analysis, macros etc. Ability to: -- Effectively communicate technical issues to diverse audiences, both in writing and verbally -- Apply a risk-based approach to planning, executing, and reporting on audit engagements and auditing process -- Evaluate and update and/or revise program materials -- Learn quickly and apply knowledge to new situations -- Handle sensitive and confidential matters, situations, and data HIRING SALARY RANGE : $58.00 per hour - $63.00 per hour (Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, and alignment with market data.) Istonish is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status Company Description Istonish is an established women-owned, minority business enterprise, headquartered in Denver, Colorado. For nearly three decades we have been sourcing, recruiting and hiring highly skilled IT leaders. When you join Istonish, you become a part of a team dedicated to delivering a higher level of excellence and value.

Keywords: Istonish, White Plains , Product Analyst - Cybersecurity, Professions , White Plains, New York