Information Security Risk & Compliance Analyst
Responsibilities:
Kforce has a client in search of an Information Security Risk & Compliance Analyst in Media, Pennsylvania (PA).
The Information Security Risk & Compliance Analyst is responsible for supporting and maintaining the information security program to ensure that information assets and associated information systems are adequately protected in the digital ecosystem in which Client operates.
Principal Duties:
Support the Risk & Compliance Department:
Support the completion of assessments of the operational effectiveness of the security controls and supports any required remediation Identify and document cyber risks and manage mitigation and follow up on open security risks; Report issues to IT stakeholders.
Execute information security testing for all areas of the technology operating environment (e.
g.
, infrastructure reviews, penetration testing, vulnerability scanning, application reviews, cloud, and mobile technology review) with a focus on AWS IaaS and related services, infrastructure as code and related orchestration tools and concepts, O365 and related services, and Azure Assist in the execution of Client's information security program, including meeting PCI compliance requirements Assist with cross-department remediation project tasks in multiple workstreams; Act as lead for IT focused remediation projects Develop and update of information security policies and standards Provide technical support and expertise related to tools used to perform security and vulnerability assessments; Assist with ad-hoc vulnerability compliance reporting and follow up with support partners to ensure all identified vulnerabilities are being addressed REQUIREMENTS:
Degree in Technology-related field preferred, or equivalent work- or education-related experience Professional security management certification is required, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacking (CEH), GIAC Information Security Professional (GISP), or other similar credentials Minimum of 5 years of experience in a combination of incident response, information security and IT Understanding of relevant legal and regulatory requirements, such as:
Payment Card Industry Data Security Standard Understanding and experience assessing and securing AWS and related service and O365 and related services Advanced knowledge of common information security management frameworks, such as ISO/IEC 27001, Critical Security Controls, and NIST 800-53 and Cybersecurity Framework Knowledge of information security concepts and technologies such as:
networking, network segmentation, vulnerability scanners, firewalls, IPS/IDS, network analyzers, data loss prevention, security event management, encryption technologies, proxies, cloud services, mobile devices, etc.
Kforce is an Equal Opportunity/Affirmative Action Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
