Job Description :
Hi,
Information Security Analyst
Chicago, IL
Full time only
II. KEY RESPONSIBILITIES
Oversees the information security program in all aspects
Focuses on data security, change management, disaster recovery, & compliance processes and initiatives, acting as the central point of contact and collaborating with other organizations within the company to ensure effective security processes and controls are aligned to deliver compliance with established security policies.
Assists in the performance of periodic data security audits, risk assessments control validation, and remediation.
Oversees the monitoring of security alerts from all sources, including installed monitoring software.
Partners with other teams within the organization such Human Resources, Legal, and Accounting & Finance to identify current and future internal and external security vulnerabilities, and identifies the best ways to reduce information security risks.
Coordinates and directs the development, management approval, implementation, and promulgation of policies, standards, & guidelines needed to support information security compliance throughout the company.
Ensures adequate and effective controls and associated policies exist to meet current and future security compliance requirements found in laws and regulations that apply to the company.
Assists with the Disaster Recovery program and assists with the identification of areas for improvement and gaining efficiencies.
Performs incident response testing and documentation of security incidents
Leads the Change Management process for the IT organization.
Identifies and implements tools and architectures to better secure people, processes, and technologies.
Raises awareness of data security & compliance risks upper management.
Assists in the development of a library of artifacts used to complete RFP requests and client audits.
Coordinates the organization’s efforts to address and complete audits.
Oversees the security relationship with third party vendors, helping them complete the requirements to maintain certifications.
Proactively researches, tests and recommends enhancements and efficiencies to keep abreast of developments in the industry and improve IT security and compliance.
Establishes and maintains strong working relationship with technology providers, groups involved with information security as well as with business leaders across the organization.
Provide technical support for desktop systems software, hardware and peripherals, including printers, phones, handhelds and remote laptops in a Windows (7, 8, 2008, 2012) environment.
Install, configure, troubleshoot and resolve hardware, software and connectivity issues.
Responsible for hardware build, configuration, setup and imaging desktops and laptops ensuring all users are able to complete their assigned job functions.
Responsible for user setups, moves and system permissions.
Administer system and software updates to desktops and laptops.
Other duties and responsibilities as assigned.
III. KEY REQUIREMENTS
Must be able to be on-call after hours and on the weekends
Bachelor’s degree in Computer Science or a related area
3+ years of experience in Information Security or Project Management
Minimum of 2 years experience in a technical role (system administrator, programmer, etc required, preferably in a fast-paced and constantly changing environment
Experience in an environment containing sensitive information and data
Familiarity with PCI DSS and HIPAA/HITECH
Experience with Group Policy
Experience with Cisco LAN/WAN/WLAN networking and security
Strong verbal and written communications skills
Must be detail oriented and able to multi-task
Knowledge of commonly used equipment, concepts, practices, and procedures within Data Center Operations
Ability to effectively present ideas in business-friendly and user-friendly language
Must possess exceptional troubleshooting, analytical and problem solving skills
Must have excellent customer service skills and work within required timelines
Adept at regularly communicating concepts to diverse audiences with varying skills sets
Prioritize issues and find solutions in unfamiliar situations with little or no assistance
The following certifications are a plus: CISSP, CISA, Security+, PCI ISA