Securus Technologies

  • Sr. Information Security Analyst

    Job Locations US-TX-Carrollton
    Job ID
    2018-1878
    # of Openings
    1
    Category
    Computer and Mathematics
  • Overview

    Job Purpose:

     

    Responsible for reviewing alerts compiled from FIM, SIEM, IDS, and DLP systems, developing and documenting baselines used to quickly identify anomalous behavior within the environment, identifying, researching, and responding to alerts from monitoring systems in order to remedy threats, supporting data collections for SOX, PCI, FedRAMP, COBIT, and other regulations, researching compliance controls, documenting and reviewing standard procedures and reviewing and documenting access request changes.

    Responsibilities

    Essential Duties:

    • Develop security standards and processes that can be deployed and managed in an automated fashion for the various projects assigned.
    • Plan and execute projects to deploy security-oriented tools or services in order to manage the company resources and associated products.
    • Must stay up to date on the latest security trends, vulnerabilities, privacy legislation, and news items and communicate new finding with other team members.
    • Documents policies, procedures and standards based upon guidance from Corporate Security Management.
    • Recommends changes in security policies and practices in accordance with changes in law or financial sector security practices.
    • Ensures that data is protected from unauthorized modification, destruction and disclosure.
    • System Auditing and monitoring of critical security systems: FIM, IPS/IDS, Event Logs, AV logs, Web Logs.
    • Perform risk assessments and test security controls and systems, including working with process owners to define remediation plans.
    • Respond to critical computer security incidents by collecting, analyzing and preserving digital evidence.
    • Answer user questions related to security technology and advise on the security impact of technical changes.
    • Ensure that security policies are applied and maintained for network devices, remote access devices, firewalls, servers and workstations.
    • Research mechanisms and tools for control compliance.
    • Conduct periodic audits of business entities to ensure continued compliance.
    • Continuous monitoring and research of real time alerts.
    • DLP and IDS administration.
    • Track and report of policy violations.
    • Collaborate with other departments within Securus to ensure the timely delivery of audit materials on a monthly, quarterly and annual basis.
    • Manage repository for control documentation and update documents as needed.
    • Perform internal control testing to validate design and operating effectiveness and document results in the repository on a timely basis.
    • Participate in post-mortem reviews and ensure lessons learned are integrated into the regulatory compliance process.
    • Assist Information Security Supervisor with Security related projects as necessary.

     

     

    Knowledge, Skills, and Abilities:

    • Ability to manage changing workloads while maintaining a sense of priorities and delivering quality service within required timeframes
    • Ability to learn new technologies and applications and apply that knowledge to daily workflows
    • Attention to detail, organized and able to work and research independently.
    • Demonstrated adaptability, analytical and problem solving ability, and attention to detail.
    • Ability to work with urgent deadlines.
    • Advanced Microsoft Office skills – Excel, Outlook, Word.
    • Ability to identify and recommend mitigations for vulnerabilities and exploits.
    • Ability to work with urgent deadlines.

    Qualifications

    Minimum Qualifications:

    • 3+ years in an Information Security role.
    • Information Security certification required. Security certifications may include, but not be limited to CISSP, CISA, CISM, GSEC, Security+, and CEH.
    • Experience in the majority of following areas:
      • Experience with Firewalls, IDS/IPS, VPN, and other network security components from an evaluation, deployment assessment, and audit perspective.
      • Knowledge and experience with various standards (PCI/DSS, SOX, FedRAMP HIPAA etc.)
      • Working knowledge of network infrastructure and security monitoring tools.
      • Experience with threat assessment, vulnerability analysis, risk assessment, information gathering, correlating and reporting

     

    Preferred Qualifications:

    • Experience with Linux, Windows, Active Directory security configuration and design, monitoring/alerting, intrusion detection, encryption, vulnerability management and wireless network security.
    • Expert knowledge and experience with Anti-Virus/Anti-malware products.
    • Experience with Information Security principals and activities
    • System administration experience.
    • Knowledge and experience with various standards (PCI/DSS, SOX, FedRAMP HIPAA, CJIS etc.)
    • Project Management certifications.
    • Experience with Information Technology departments in mid to large organizations.
    • Experience with McAfee DLP and ePolicy Orchestrator.

     

     

    Physical Requirements:

    Standing, sitting, walking, speaking, listening, bending, reaching, pushing, pulling, lifting, grasping and manipulating tools, typing, using peripheral computer tools.  May be required to lift up to 25 pounds.

     

    It is the Company’s policy to provide equal employment opportunity to all individuals. Securus will not discriminate against any associate or qualified job applicant with respect to any terms, privileges, or conditions of employment because of that person’s race, color, religion, sex, national origin, age, disability, veteran status, or any other characteristic or status protected under local, state or federal law, ordinance or regulation.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed