Search for More Jobs
Forward this job to a friend
Apply by email without Registering
Apply by creating/using account
Please enter your registered email address, and we'll email you a link to reset your password right away.
Information Security Analyst
12-24 month contract
The Information Security Analyst position requires information risk management experience, effective communication skills and business acumen. The successful candidate will work with solution mangers, business clients, and applications, database, and/or infrastructure teams to integrate security best practices into the solution delivery process to prevent or remediate significant risks to the business.
He/she will identify and document business risks and coordinate remediation of vulnerabilities and threats using risk assessment methodologies and processes including analyzing output from infrastructure, database, or web application vulnerability assessments, and developing spreadsheets, diagrams, textual documents and reports as requested. The ideal candidate will coordinate risk assessment activities and provide security training to assigned solution delivery team members.
He/she needs to be able to communicate effectively and respectfully with management, engineers, customers and others regarding the need of information security and to help them learn their roles and responsibilities in the implementation and maintenance of appropriate controls to mitigate significant risks.
He/she needs to have an appreciation for the need to balance security control benefits against potential impacts on business functionality and performance.
The successful candidate will have a demeanor of maturity and professionalism that promotes trust and respect for the entire risk management team in those with whom the team interacts. He/she will be able to be trusted to work in sensitive situations and with sensitive information and keep confidences.
· Perform risk assessments utilizing enterprise GRC toolset
· Perform compliance or risk assessment interviews with solutions management, engineers, and developers
· Evaluate adherence to and evangelize information security policies and standards
· Review compliance or assessment artifacts and deliverables for completeness and accuracy
· Write test plans and test results reports in accordance with Church practices
· Document critical security risk findings for urgent resolution
· Generate reporting dashboard metrics or measures for multiple levels of management review
· Coordinate security assessment findings and reports with management, engineers, and customers
· Coordinate or perform application vulnerability testing
· Coordinate or perform application penetration tests
· Coordinate or perform tests and evidence gathering activities for solution security certification/compliance validation
· Communicate significant security or interdepartmental findings to customers for timely resolution
· Ensure sensitive data handling systems are in compliance with Church policy and procedures
· Become familiar with Church IT Security policies and industry security standards
· Propose and implement approved compliance process improvements
· Utilize a complex management and reporting tool for compliance and certification process
· Demonstrate proficiency with data entry submission and validation in multiple formats
· Approximately 10% independent travel
This individual works with divine guidance to provide or support technology that furthers the mission of the Church and reflects the eternal impact of the gospel.
Must be a member of The Church of Jesus Christ of Latter-day Saints and currently temple worthy.
Apply by creating/using account
ConsultNet is an Equal Opportunity Employer
Kinetix is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, ancestry, citizenship, disability, age, military or veteran status, and other characteristics protected under federal, state and local law.