Job Description Weichert Workforce Mobility is hiring an Information Security Analyst in Morris Plains, NJ. The Information Security Analyst is responsible for maintaining situational awareness of potential and developing risks to the company's technology assets. The position monitors and protects data and systems from infiltration, exfiltration, and cyber-attacks. The Information Security Analyst provides support across all areas of information security including security operations, incident response, DLP techniques, monitoring, SOC controls and compliance, and vendor management. Job responsibilities include, but are not limited to, the following:
* Assists with the review and maintenance of information security requirements, policies, and procedures for colleagues and contracts for customers and suppliers.
* Assists with enterprise risk and compliance tool development/design.
* Supports the internal IT and external vendor teams to ensure network equipment is properly logged, installed, configured, and encrypted to protect sensitive information.
* Provides assistance with the semi-annual firewall reviews.
* Assists in the management of tools to protect the company's assets including DLP, logging and monitoring, 3rd party vendor management, penetration testing, and vulnerability scanning.
* Assists in the monitoring of the organization's networks for security breaches and helps with the investigation when one occurs.
* Prepares reports that document security breaches and the extent of the damage caused by the breaches
* Works on information security focused projects internally and externally with customers and suppliers.
* Performs information security vendor risk assessments and vendor risk assessments.
* Assists with the management of internal and external questionnaires, audits, interviews, evidence verifications, and on-site audit reviews.
* Reviews vendor contracts and security agreements to understand the vendors' security assurance commitment to the company.
* Prepares and initiates a vendor audit facilitated by electronic survey and questionnaire assessments, interviews and security reviews.
* Participates in conference calls with the customer's security team to help clarify and negotiate security requirements
* Provides support to ensure all SOC and other controls meet standards through periodic auditing and testing.
* Conducts penetration testing to identify and remediate vulnerabilities in systems before they can be exploited.
* Conducts company's disaster recovery testing.
* Researches the latest information technology security trends and methods of attack and makes recommendations on security enhancements to management or senior IT staff.
* Assists in the training of computer users on current and new security products and procedures.
* Performs other duties as assigned. The ideal candidate will meet the following requirements:
* Bachelor's degree in Computer Science, Information Assurance, Programming or related field required
* Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) preferred Experience
* Minimum of one (1) year of public or private sector experience conducting or supporting intelligence collection, analysis, and dissemination functions
* Understanding and proficiency of the modern information technology and cybersecurity environment
* Working knowledge of Internet protocols, firewalls and cybersecurity technologies such as IDS/IPS, NAC, MFA and Privileged Account Management.
* Knowledge of security frameworks and control activities including SOC2, NIST, OWASP,
* Knowledge of US, State, and International regulations including GDPR, NY DFS, etc), PIPEDA, PCI DSS
* Analytical ability to study computer systems and networks and assess risks to determine how security policies and protocols can be improved
* Detail orientation to detect minor changes in company's network, results, or processes to defend and respond to attacks.
* Strong problem-solving skills to be able to respond to alerts and uncover and fix vulnerabilities in the network
* Strong project management skills Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
BNY Mellon Florham Park, NJ
BNY Mellon Florham Park, NJ
BNY Mellon Jersey City, NJ
Accenture Florham Park, NJ
Boston Technology corporation Hoboken, NJ