Job Description :
Information Security Analyst
Duration: 1 year
Location: Bellevue, WA

Description:
Develops and delivers a comprehensive information security and privacy program for T-Mobile.
The scope of this program is company-wide, and includes information in electronic, print and other formats.
The purpose of this program includes: to assure that information created, acquired or maintained by T-Mobile, and its authorized users, is used in accordance with its intended purpose; to protect T-Mobile information and its infrastructure from external or internal threats; and to assure that T-Mobile complies with statutory and regulatory requirements regarding information access, security and privacy.
Specific responsibilities:
o Coordinate the development of T-Mobile information security policies, standards and procedures.
o Work with key IT offices, data custodians and governance groups in the development of such policies.
o Ensure that company policies support compliance with external requirements.
o Oversee the dissemination of policies, standards and procedures to the user community
o Coordinate the development and delivery of an education and training program on information security and privacy matters for employees, other authorized users, and vendors
o Serve as the company compliance officer with respect to state and federal information security policies and regulations.
o Work with the T-Mobile-designated internal audit, SOX compliance, legal, and HR on compliance issues as necessary.
o Prepare and submit and submit required reports to external agencies.
o Develop and implement an Incident Reporting and Response System to address T-Mobile security incidents (breaches), respond to alleged policy violations, or complaints from external parties.
o Serve as the official company contact point for information security, privacy and copyright infringement incidents, including relationships with law enforcement entities.
o Develop and implement an ongoing risk assessment program targeting information security and privacy matters; recommend methods for vulnerability detection and remediation, and oversee vulnerability testing.