Randstad Information Security Analyst in Irving, Texas
Information Security Analyst
date posted:Wednesday, February 13, 2019
job type:Temp to Perm
industry:Professional, Scientific, and Technical Services
Information Security Analyst
Randstad Technologies is the worlds largest workforce solutions company and we have an immediate need with a global leader in the retail services sector.
This is a contract to hire role with a company that prides itself on innovation, work-life balance and diversity in the workplace. In addition to this being a very visible role, there will be an opportunity to work on cutting edge enterprise security projects. This client is centrally located in the Dallas metro area and ready to move quickly for the right professional. If you fit the description below, please apply and reach out to us today!
location: Irving, Texas
job type: Contract
work hours: 8am to 5pm
Summary of Responsibilities
The Information Security Analyst leads first line of defense for IT Security services, consultation, leadership and subject matter expertise. The analyst will review, design and develop security operational processes, standards, and procedures utilizing current and new technologies to improve security controls and business performance. The Information Security Analyst helps lead tactical information security direction that is aligned with CISO, corporate business objectives and regulatory requirements.
Subject Matter Expertise - Information Security subject matter expert to the business, IT areas, project teams and vendors to apply and execute appropriate use of technology solutions. Leads efforts to examine technology vision, opportunities and challenges with regard to security standards and the impact of the technology. Retail industry regulations such as PCI, and SOX
Security Trends - Continually works to enhance breadth and depth of knowledge and experience. Benchmarks technology strategies and architectures. Monitors and anticipates trends and investigates organizational objectives and needs. Provides guidance on security solutions and prepares benchmarking reports and presentations.
Project Oversight - Assesses project risk and complexity. Oversees project handoffs including preparing documentation, educating and supporting to ensure smooth transitions. Supports the selection and design of tools that allow reuse of design components and patterns between projects.
Vendor/Tool Selection - Supports the research, evaluation, proof-of-concept, selection and implementation of technology solutions. Provides detailed analysis of pros and cons and build vs buy options. This includes interaction with vendors, IT and business area contacts to facilitate flexible, and scalable solutions. Ensures that the technical design considers security controls, performance, confidentiality, integrity, availability, access and total cost. Oversees working solutions or prototypes and resolves any issues that arise.
Process Improvement - Promotes implementation of new technology, solutions and methods to improve business processes, efficiency, effectiveness and value delivered to customers.
Due Diligence - Leads enterprise due-diligence activities including security monitoring and security metrics to evaluate effectiveness of the enterprise security program and established controls.
Incident Response - Supports security incident response activities and post-event reviews of security incidents. Ensures the clear and professional documentation of root cause and risk analysis of all findings. Reviews and supports action plans for issue resolution. Supports investigation and reports contribution of security threats and incidents.
Security Monitoring - Supports security monitoring according to a structured process, including writing standards, requirements and thresholds. This may include configuration and deployment of security hardware and applications.
Vulnerability and Patch Management - Leads enterprise process maturation efforts to develop and implement a sustainable, repeatable vulnerability and patch management process that meets industry best practice and regulatory requirements.
Mentoring - Interfaces with peers and senior leadership, communicates at all levels. Provides guidance to less experienced Information Security team members.
Bachelor's degree and a minimum 3 years of Information Security experience or, in lieu of a bachelor's degree, a high school diploma/GED and a minimum of 7 years of Information Security experience
Relevant professional certifications or working towards attainment such as: GCIH/GSEC, CISM, CISA, CISSP, CCSP, Security+, CCNA
skills: Additional Preferred Qualifications
Advanced knowledge of common web technologies, enterprise and network architecture
Strong understanding of modern security tools and controls
Understanding of web-based application architectures (IIS, Apache, etc.)
Data protection controls
Advanced knowledge of or demonstrated experience with defense in depth, trust levels, privileges and permissions
Large complex multi-national retail services industry related experience
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.