Product Analyst - Cybersecurity
Company: Istonish
Location: White Plains
Posted on: July 29, 2022
|
|
Job Description:
Job Description Our client, a large CPG company, has an exciting
contract opportunity for a Product Analyst to design and implement
IT security. This is a 12 month contract engagement. Work location
is based out of White Plains, New York (hybrid 2-3 days in office).
DESCRIPTION: Design and implement IT security for the client. Works
closely with team members, end users, and other IT departments to
design, implement, support, and maintain Vendor Management process,
manage information security related audit requirements, and
vulnerability management on our web presence. Security Analysts
will monitor for changes in cyber/human activity, security
application alerts, vulnerabilities, cyber threats, and then
identify and communicate course of action for remediation.
Responsibilities : -- Handle Cybersecurity components of the vendor
management process end to end, from initial and periodical vendor
Cybersecurity vetting, risk analysis of the potential purchased
solution, and security amendments in the contract -- Enhance
support and maintain the web application vulnerability program with
various tools (Qualys experience a plus). -- Timely respond to
security threats by initiating appropriate requests as well as
managing team---s ticketing queue -- Project management skills and
capability of managing multiple projects simultaneously as well as
using standard tools -- Experienced with information security
metrics, Excel dashboards or other data analysis tools (Power BI,
Splunk etc.) -- Provide metrics and dashboards on all activities
performed and documentation for status reports (KRI and KPI---s) --
BCP / DR extensive knowledge --- plan revisions, maintenance,
testing -- Support and respond to audit procedures and findings.
Ability to effectively adapt to rapidly changing technologies and
apply them to business needs. -- Strong knowledge and understanding
of business and business processes; strong business planning
skills. -- Familiarity with Data Privacy legislation (GDPR, CCPA,
LGPD, or other pending state specific privacy legislations) and
understanding of Data Privacy concerns within the business
environment. -- Knowledge of pertinent legal controls (PCI, HIPAA);
understanding of compliance requirements and ability to convey that
understanding to users, support staff and Management. -- Champion
security policy and ---best practices--- within the business
environment. -- Communicate and share Cybersecurity best practices
with in non-technical terms with customers, employees, and
management. Process & Projects: -- Technology processes, IT
Platforms (Azure, Service Now, O365, vulnerability management,
email filtering etc.), DR and BCP planning, and/or end users. --
Large scale cybersecurity project on premise, in the cloud or
hybrid. -- Agile frameworks and delivery models Impact on Business
Results: Security issues represent a critical challenge for
businesses. As data breaches become increasingly common, even among
the world's largest companies, maintaining the security and privacy
of customers is a major concern for businesses and the IT
organizations that support them. Benefits of IT security compliance
for your business are avoiding fines and penalties, protecting
business reputation, enhance data management capabilities, promotes
operational benefits, supports access control and accountability.
About you: Knowledge of: -- Applicable information security
management, governance, and compliance principles, practices, laws,
rules, regulations and frameworks NIST, ISO, PCI-DSS, HIPAA, Data
Privacy, GDPR -- Information technology systems and processes,
network infrastructure, data architecture, data processes, and
protocols -- Cyber and cloud security standard frameworks,
architecture, design, operations, controls, technology, solutions,
and service orchestration -- Information systems auditing,
monitoring, controlling, and assessment process -- Incident
response management -- Risk assessment and management methodology.
Skills and qualifications: -- Bachelor---s degree in Computer
Science, Information Systems, Business Administration, Engineering,
or other closely related field required. Or equivalent experience.
-- 5 years of experience with system security is desired. -- 1 to 2
years of experience in the administration of IT devices and
networking. Network Administration and Network Security experience
a plus -- CompTIA - Security preferred. Other certifications CISM,
CISA, CISSP a big plus -- Deep understanding of Windows security,
Active directory, Group policies, Network protocols. -- Rudimentary
hands-on software and hardware configuration experience. --
Capability to interpret, understand and remediate penetration test
results. -- Vulnerability management lifecycle skills -- ICS
(Industrial controls systems), SCADA security experience a plus --
Deep understanding of NIST, ISO2700, PCI DSS, HIPAA, GDPR and Data
privacy requirements and control mapping -- Business Process
understanding (Distribution industry preferred) -- Understanding of
Application flow (ability to interpret processing in a network
computing environment) and Application security -- Excellent MS
Excel skills on multiple topics: pivot tables, graphs, analysis,
macros etc. Ability to: -- Effectively communicate technical issues
to diverse audiences, both in writing and verbally -- Apply a
risk-based approach to planning, executing, and reporting on audit
engagements and auditing process -- Evaluate and update and/or
revise program materials -- Learn quickly and apply knowledge to
new situations -- Handle sensitive and confidential matters,
situations, and data HIRING SALARY RANGE : $58.00 per hour - $63.00
per hour (Salary to be determined by the education, experience,
knowledge, skills, and abilities of the applicant, internal equity,
and alignment with market data.) Istonish is an Equal
Opportunity/Affirmative Action Employer. All qualified applicants
will receive consideration for employment without regard to race,
color, religion, sex, pregnancy, sexual orientation, gender
identity, national origin, age, protected veteran status, or
disability status Company Description Istonish is an established
women-owned, minority business enterprise, headquartered in Denver,
Colorado. For nearly three decades we have been sourcing,
recruiting and hiring highly skilled IT leaders. When you join
Istonish, you become a part of a team dedicated to delivering a
higher level of excellence and value.
Keywords: Istonish, White Plains , Product Analyst - Cybersecurity, Professions , White Plains, New York
Click
here to apply!
|