Information Security Risk & Compliance Analyst

RESPONSIBILITIES:

Kforce has a client in search of an Information Security Risk & Compliance Analyst in Media, Pennsylvania (PA). The Information Security Risk & Compliance Analyst is responsible for supporting and maintaining the information security program to ensure that information assets and associated information systems are adequately protected in the digital ecosystem in which Client operates.

Principal Duties:

Support the Risk & Compliance Department:
- Support the completion of assessments of the operational effectiveness of the security controls and support any required remediation
- Identify and document cyber risks, manage mitigation, and follow up on open security risks; report issues to IT stakeholders
- Execute information security testing for all areas of the technology operating environment (e.g., infrastructure reviews, penetration testing, vulnerability scanning, application reviews, cloud, and mobile technology review) with a focus on AWS IaaS and related services, infrastructure as code and related orchestration tools and concepts, O365 and related services, and Azure
- Assist in the execution of Client's information security program, including meeting PCI compliance requirements
- Assist with cross-department remediation project tasks in multiple workstreams; act as lead for IT-focused remediation projects
- Develop and update information security policies and standards
- Provide technical support and expertise related to tools used to perform security and vulnerability assessments; assist with ad-hoc vulnerability compliance reporting and follow up with support partners to ensure all identified vulnerabilities are being addressed

REQUIREMENTS:
- Degree in Technology-related field preferred, or equivalent work- or education-related experience
- Professional security management certification is required, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacking (CEH), GIAC Information Security Professional (GISP), or other similar credentials
- Minimum of 5 years of experience in a combination of incident response, information security and IT
- Understanding of relevant legal and regulatory requirements, such as: Payment Card Industry Data Security Standard
- Understanding of and experience assessing and securing AWS and related services and O365 and related services
- Advanced knowledge of common information security management frameworks, such as ISO/IEC 27001, Critical Security Controls, and NIST 800-53 and Cybersecurity Framework
- Knowledge of information security concepts and technologies such as: networking, network segmentation, vulnerability scanners, firewalls, IPS/IDS, network analyzers, data loss prevention, security event management, encryption technologies, proxies, cloud services, mobile devices, etc.

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Don't Be Fooled

The fraudster will send a check to a victim who has accepted a job. The check may be presented as covering any of several things, such as a signing bonus, supplies, etc. The victim is instructed to deposit the check, use the money for the stated purpose, and then send the remaining funds to the fraudster. The check will bounce, and the victim is left responsible.
