Analyst, Information Security Resume Samples
4.9
(100 votes) for
Analyst, Information Security Resume Samples
The Guide To Resume Tailoring
Guide the recruiter to the conclusion that you are the best candidate for the analyst, information security job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.
Craft your perfect resume by picking job responsibilities written by professional recruiters
Pick from the thousands of curated job responsibilities used by the leading companies
Tailor your resume & cover letter with wording that best fits for each job you apply
Resume Builder
Create a Resume in Minutes with Professional Resume Templates
CHOOSE THE BEST TEMPLATE
- Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS
- Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES
- Instantly download in PDF format or share a custom link.
AN
A Nicolas
Alysson
Nicolas
4650 Towne Mountains
Chicago
IL
+1 (555) 781 6962
4650 Towne Mountains
Chicago
IL
Phone
p
+1 (555) 781 6962
Experience
Experience
Boston, MA
Analyst Information Security
Boston, MA
Pfeffer-Deckow
Boston, MA
Analyst Information Security
- Establish and deliver incident response and monitoring methods, tools and processes which provide the organization value by reducing risk
- Works as part of a multidisciplinary global & regional team in the delivery of information security and privacy monitoring and response services to the Africa retail and commercial enterprise
- Provide support in relation to the team functions as and when dictated by workloads and deadlines
- Works well both in a team environment and independently
- Responsible for the monitoring and management of events, including notification, escalation response and post incident review
- Maintain CSARC shift logs with relevant activity from your shift
- Aptitude in solving problems independently
New York, NY
Analyst, Information Security
New York, NY
Senger-Medhurst
New York, NY
Analyst, Information Security
- Assist in Audit, policy management, patch management and incident management activities
- Provide support to policy development and management
- Assist with preparation of DoD Risk Management Framework (RMF) accreditation packages
- Working with network, host, and user activity data, and identifying anomalies
- Assist with development and maintenance of information security policies and standards
- Provides VPN, proxy and other critical access management support
- Provide system analysis, troubleshooting and integration support for HBSS on the Air Force Network
present
San Francisco, CA
Senior Analyst, Information Security
San Francisco, CA
Casper Group
present
San Francisco, CA
Senior Analyst, Information Security
present
- Propose changes/improvements to the processes and procedures that will improve operational efficiency, provide better service, etc
- Assist and manage with enterprise-wide risk assessment processes
- Produce and maintain business risk and impact analysis. Develop and propose action plans to limit the risks to our contractual obligations and good management
- Assist in development of procedures and related guidelines
- Responsible to develop and implement various security safeguards and metrics with all teams of operations and managed services customers
- Manage incoming ServiceNow Incidents, Service Requests, Assessments, and Enhancements, ensuring compliance to established deadlines and service levels
- Assist in performing risk evaluations and penetration assessments
Education
Education
Bachelor’s Degree in Computer Science
Bachelor’s Degree in Computer Science
University of Illinois at Chicago
Bachelor’s Degree in Computer Science
Skills
Skills
- Solid knowledge of any Privileged Access Management System and/or other Identity Management products
- The ability to interact with CommScope’ s personnel at all levels and across all business units and organizations, and to comprehend business imperatives
- Strong verbal communications skills and concise written communication skills
- Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously
- Strong written and verbal communication skills
- Working knowledge of Apache, Weblogic, LDAP, and Linux configuration
- Proven ability to work under stress in
- Knowledge
- Ability to influence
- Strong organizational and multi-tasking skills
15 Analyst, Information Security resume templates
Read our complete resume writing guides
1
Senior Analyst Information Security Risk Resume Examples & Samples
- Buffalo or Chicago based position with interaction to all lines of business
- Support all users across North America
- A Bachelor’s degree or equivalent experience in business, computer science or related field with four to six years progressive experience in information security including a minimum two years experience working with diverse security products
- Strong knowledge in various mainframe or distributed processing platforms (i.e., Active Directory, AS400, OS/390, PCs, UNIX, internal applications, databases, etc.)
2
Analyst, Information Security Resume Examples & Samples
- Function as an incident response handler, directing IT and other departments during security incidents, including evidence preservation, corrective action, and preventive actions
- Conduct advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, theft of information, denial of service, data breaches, etc. Assist in identifying and remediating gaps as identified throughout the investigation. Maintain technical knowledge within areas of expertise via formal training and self-education
- Perform basic programming and develop scripts in support of the Incident Response and Threat Analysis team
- Design, document, and implement incident response processes, procedures, guidelines, and solutions. Responsible for technical and executive level reports on incident response issues
- Some travel may be required within region
- Host and network forensic tools and techniques
- Information security, client/server architectures, and networking
- Current and evolving cyber threat landscape
- Threat intelligence and applied use within incident response and forensic investigations
- Malware analysis and understanding attack techniques
- Interpreting, searching, and manipulating data within enterprise logging solutions
- Working with network, host, and user activity data, and identifying anomalies
- Programming and scripting to support data analysis and simple tool development
- Hacker techniques, tools, and motivations
- Operating systems (Windows, OS X, Linux and UNIX)
- Multilayer security architectures and controls
- Application architecture (mainframes, databases, web, middleware, virtual)
- Network architecture (firewalls, routers, switches and load balancers)
- Security technologies (IDS/IPS, advanced endpoint protection, AV)
- Programming in one or more of the following: C, C++, C#, Java, .NET, SQL, Python, ASM
- Shell scripting in one or more of the following: Perl, Bash, PHP, WMI
- Analyzing file system images, memory images and network packet captures
- Problem solving with missing information while under pressure with short deadlines
- Dynamic malware analysis and indicator extraction
- Indicator pivoting, tracking and analysis
- Ability to prioritize multiple tasks rapidly, formulate a plan, respond quickly and communicate with customers and leadership
- Reviewing application source code for security vulnerabilities
- Using debuggers and/or de-compilers
- Bilingual speaking and writing skills (Japanese, Chinese, Spanish, etc.)
- Strong verbal communications skills and concise written communication skills
- Innovate and stay current on security technologies
3
Senior Analyst Information Security Resume Examples & Samples
- Assist in the continuous review, evaluation, and rollout of security tools
- Governance, monitoring, and supporting security software/systems that will help ensure compliance with regulatory, industry, and corporate policies and procedures. This includes but is not limited to IDS/IPS (Host/Network/Wireless), secure file transfer, data loss prevention, full disk encryption, firewalls, log management/correlation, secure password storage/retrieval, application whitelisting, and vulnerability management
- Identifying, responding to, investigating, and remediating potential breaches and issues surrounding data security
- Providing notification, input, or research for issues of actual or suspected security fraud, violations, or abuses
- Examines the results of penetration testing, and assists with the remediation as necessary
- Enforce infrastructure security including Microsoft, Linux/Unix, Workstations, POS terminals, etc
- Assist with the definition, creation, and documentation of information security-related policies, procedures, standards, guidelines and metrics
- Perform after-hours or weekend system maintenance and security support as needed
- Bachelor's degree in the field of information technology, business or related field or combination of applicable education and work experience
- Working knowledge of Infrastructure Security Concepts (Firewalls, DMZ’s, Intrusion Detection/Prevention Systems, Network Security, desktop, laptop and mobile)
- Working knowledge of Application Security Concepts (Identity Management, Password Management, RBAC, provisioning, decommissioning, data and code security management)
- Knowledge of Data Protection Policies, Procedures and Products (Privacy rules & regulations, data security, encryption, digital rights management, Data Loss Prevention)
- Working knowledge of IT Security Concepts (Disaster Recovery, Penetration/Vulnerability Assessment, Task Organization, Role Segregation, Role Engineering, Security Centric QA)
- Strong Analytical/Organizational/Time Management skills
- Strong Interpersonal and Communication Skills: Explain complex systems and technical topics to others who may have minimal technical knowledge
- Must be self-directed, with the ability to work alone or in teams, with minimal oversight, driving positive results in difficult circumstances while maintaining attention to detail
4
Senior Analyst Information Security Operations Resume Examples & Samples
- Responsible for analyzing, monitoring, tracking and reporting behavior/tasks logged by assets in the form of incidents to ensure HBI is protected from any potential leaks of malicious activities
- Propose changes/improvements to the processes and procedures that will improve operational efficiency, provide better service, etc
- Assists team members in support and maintenance activities
- Solves system problems and issues in a timely and accurate manner
- Performs routine monitoring of assigned systems
- Follows SOC process, policies and procedures congruent with standards and industry best practices
- Monitor activities and events in the environment to ensure that anomalous behavior is detected, identified, classified and acted upon where appropriate
- Assess potential risks and vulnerabilities in the network and providing actionable recommendation in the event of malicious activity
- Respond appropriately to security monitoring issues
- Develop and execute corrective action plans where required
- Perform reviews and assessments of security controls before hardware/software is migrated to production and at regular intervals thereafter per security policy
- Maintain currency of security monitoring and analysis solutions
- Minimum of 5 years experience in a security operations center and/or system administration role
- Experience as a Network or Systems Administrator
- Knowledge of firewalls and intrusion detection systems
- Knowledge of Windows, UNIX, Linux or IBM I server platforms
- Knowledge of VMware and/or other server virtualization platforms
- Knowledge of cloud infrastructure and platform as a service systems
- Knowledge of cloud computing solutions, including infrastructure, platform and software as a service preferred
- Experience analyzing IIS, SQL, firewalls, Intrusion Protection/Detection Systems (IPS/IDS), Windows, endpoint protection, Web, and mail filtering logged events
- Ability to read system data, including but not limited to security and network event logs, system logs and firewall logs (moved from responsibilities above)Ability to communicate security objectives orally and in writing to a variety of audiences. Ability to write security requirements and design documents
- Knowledge of business, application, information and enterprise architecture responsibilities, principles and standards
- CISSP, GIAC, certifications are preferred
- General understanding of mobile device management platforms and their security requirements preferred
5
Senior Analyst Information Security Incident Response Resume Examples & Samples
- Experiences in following incident response procedures and standards, strong communication skills and ability to articulate event to senior management
- Understanding of the security mechanisms associated with Windows or Unix operating systems, switched networks, applications and databases
- Extensive experience in responding to information security and privacy incidents
- Can discuss their role vis-a-vis security related trends and outline implications
6
Senior Analyst, Information Security Resume Examples & Samples
- Seven (7) years’ experience in IT security operations
- In-depth knowledge and experience in IT Security and Telecommunications
- In-depth knowledge and experience with 5900/5970 and SAS70 audit reports, SOX and C198 legislation, risk analysis methodologies and security standards (e.g. ISO, PCI)
- The following certifications are an asset: ITIL, CISSP, CISM and CISA
- Knowledge of financial aspects and information technologies
- Good knowledge of common office tools
- Good knowledge of Bell Managed Service Operations would be an asset
- Verbal and written
7
Analyst, Information Security Resume Examples & Samples
- Bachelor’s degree in telecommunications or in computer science with a specialization in telecommunications, or the equivalent
- Five (5) years’ experience in IT security operations
- Good knowledge of Bell Managed Service Operations
8
Senior Analyst Information Security Operations Resume Examples & Samples
- Propose changes / improvements to the processes and procedures that will improve operational efficiency, provide better service, etc
- Bachelor’s degree in Computer Science, Information Systems, Engineering or related major
- Minimum of 5 years’ experience in a security operations center and/or system administration role
- Knowledge of cloud computing solutions, including infrastructure, platform and software as a service
- General understanding of mobile device management platforms and their security requirements
9
Senior Analyst, Information Security Resume Examples & Samples
- Act as spokesperson and expert in information security, risks management and compliance for the Managed Services teams and customers. Collaborate with the Corporate Security and Internal Audit teams
- Involve in projects and various committees to review and analyze complex systems (Applications, OS’s, and networking devices), to identify risks, exposures, define and implement compensating controls
- Responsible to develop and implement various security safeguards and metrics with all teams of operations and managed services customers
- Collects, consolidates and analyzes information required for the evaluation and administration of services rendered; produces reports to recommend processes and procedures to implement such requirements as required by Bell or its clients: ISO 2700x,17799, CSAE 5025/9100, C198, PIPEDA, « Sarbanes Oxley », PCI, etc
- Produce and maintain business risk and impact analysis. Develop and propose action plans to limit the risks to our contractual obligations and good management
- Review, analyse and document the security information requests received and update them in the ticketing system
- Review, analyse and document the exception requests received and update them in the ticketing system
- Coordinate audit requests from the clients under its responsibility according to our contractual obligations
- Conveys the various parameters to be met from the customer to the appropriate managers, and prepares them for the auditors’ visit group in regards to contractual obligations
- Provides follow-up, assistance and quality assurance. Approves reference materials pertaining to computer security equipment operations that are associated with audit mandates
- Accompanies the auditors who are responsible for the audit mandate and interacts with them
- In-depth knowledge and experience with CSAE 5025/9100 and SAS70 audit reports, SOX and C198 legislation, risk analysis methodologies and security standards (e.g. ISO, PCI)
10
Senior Analyst, Information Security Resume Examples & Samples
- Assist with the planning of future control and risk assessments
- Support performing control and risk assessments of technical operating environments. Responsible for comprehensive documentation of the identified gaps and related risk from the technical as well as from the business perspective
- Support Information Assurance program structure across multiple business units
- Review external policies or standards related to Information Security, comparison and gap analysis to internal security policies and requirements
- Support ongoing risk monitoring initiative
- Assist with planning and implementation of security assurance programs
- Manage project(s) and organize internal meetings and tasks
- Work across functional and organizational teams to ensure consistent processes and messaging
- Experience with SQL, Matlab, and/or Java Scripting
- Excellent PowerPoint and Excel skills
- Understanding and ability to create data flows and process diagrams
- Understanding of change management and Software Development Life Cycle processes
- Experience in managing change effectively while maintaining a focus on standard or business-as-usual activities
- Strong leadership skills; sound judgment and analytical skills
- Ability to manage priorities effectively and multi-task
- Excellent project management and presentation skills
- Ability to write and communicate clearly and effectively
- Ability to work independently as well as in a team environment, and foster collaboration
- Ability to pick up new skills through self-learning and on the job training
- Ability to adapt to changing or competing priorities
- Desire to support and assist the team with ad hoc tasks
- Demonstrated interest in Information Security and Risk
11
Senior Analyst, Information Security Resume Examples & Samples
- Providing daily support to the Viacom Legal team, with focus on the collection, storage, management and preservation of data related to current and pending legal matters. This function will occupy greater than 95% of the candidate’s time at work
- Performing vulnerability scans, including analysis and coordinating remediation
- Conducting anomaly detection analysis and coordinating remediation
- Conducting intrusion detection analysis and coordinating remediation
- Participating in the planning and implementation of Viacom Information Security projects
- Participating in the review of projects, business units, and vendors to identify Information Security concerns
- Assist in performing risk evaluations and penetration assessments
- Supporting the company’s risk management program in a manner that fulfills strategic goals of the organization while complying with local, state and federal laws and accreditation standards
- Proactively identify creative risk solutions to enhance data security throughout the enterprise
- Participate in matters related to video content security and anti-piracy
- Assist in development of procedures and related guidelines
- In addition to the primary litigation support function, this position may be asked to assist with matters of video content security on an occasional basis
- Bachelor’s degree in Information Technology or equivalent experience
- Minimum 2 years information security with a total of 3 - 5 years working in a large corporate IT environment
- Working knowledge of Information Security Policies and their development
- Technical – Functional knowledge of the following applications, technologies and protocols
- Ability to act responsibly with sensitive and highly confidential information
- Strong interpersonal, communication and organizational skills
- Ability to deliver results even under difficult timelines
- A strong focus on customer service
- Preference will be given to candidates who hold an EnCe certification
12
Analyst Information Security Resume Examples & Samples
- Conducts security monitoring and leads the incident response effort and other cyber-related investigations
- Acts as the primary incident responder and handles a security incident from detection to resolution with a focus on identifying the extent and impact of the incident and determine the root cause
- Interprets event logs and forensic artifacts from various systems to identify potential security events
- Host and network based forensics are conducted to confirm suspected security events and determine their impact. The Analyst will document the incident in a manner that articulates the event to the most senior of management
- Acts as the primary security intelligence coordinator and conducts research regularly to identify new and emerging threats and indicators
- Communicates relevant intelligence and will coordinate with various intelligence communities including US-Cert’s Defense Security Information Exchange (DSIE), FBI’s InfraGard as well as public and open source forums to receive and disseminate actionable security intelligence
- Identifies security vulnerabilities by identifying abnormal system behavior and communicates these findings to the appropriate party for remediation thus requiring the Analyst to fully understand the security deficiency and the action required to correct the deficiency
- Conducts forensic host and network investigations for various purposes to include but not limited to: Advanced Persistent Threats (APTs) and intrusions conducted by Foreign Actors; Human Resource requests regarding employee performance issues; Ethics inquiries regarding violations of corporate policy; criminal investigations of external and internal perpetrators; legal support for intellectual property and trademark issues; data spills of classified materials; threat assessments and compliance auditing of information systems as well as employees traveling to foreign countries
13
Analyst, Information Security Resume Examples & Samples
- Provide support to policy development and management
- Ensure policies are tested and disseminated
- Provide engineering artifacts for C&A efforts as required
- 2-5 years of related experience in data security administration
- 3-5 years of IT-related IA/security experience desired
- DoD 8570 Security certification (CISSP, GIAC, IAM, GSEC, Security+ CE), and HBSS 201/301 certifications
- BS/BA degree or equivalent combination of education, training, certifications and work/military experience
- Experience with HBSS suite of McAfee tools or similar host-based security solutions
- DISA HBSS on-line training must be completed prior to start of work
- Understanding of DISA STIG requirements
- Additional technical certifications
14
Analyst, Information Security / Hbss Resume Examples & Samples
- Policy distribution and management
- Detection of new and rogue clients on AF networks
- Maintain logs
- Understanding of the DISA STIG requirements
15
Senior Analyst, Information Security Resume Examples & Samples
- Minimum of 5 years Information Security experience or equivalent experience in Information Risk Management
- Certified Information Systems Security Professional (CISSP) or other equivalent certifications required
- Strong experience and up to date knowledge in Open Systems, Windows, Mobility, Internet and network security products and platforms, including user authorization, encryption tools and techniques, communication protocols, vulnerability assessments, data loss and penetration testing, and secure coding
- Mix of IT operations and business program experience required
- Demonstrated skills in project management, collaboration, communication and organizational skills required
- Information Security Consulting background and experience preferred
- Written and verbal communication skills are critical
- Adept at communicating concepts to diverse audiences with varying skill sets
16
Security Analyst, Information Security Resume Examples & Samples
- Post-Secondary degree or equivalent program in Computer Science, Management Information Systems or similar field is strongly preferred
- 5 - 7 years of relevant experience, with a minimum of 3 years work experience in configuring, implementing and administering Security tools and delivering security services or other enterprise-grade technology services. Experience in implementing, configuring and managing of multiple enterprise platforms and services delivery environments is a strong plus
- Hands-on experience with Vulnerability Management scanning platforms like Qualys, McAfee and others is a strong plus
- Hands-on experience with managing penetration testing engagements by 3rd party pen testing services providers for the purpose of assessing enterprise exposures at network and Web Applications level is a definite plus
- Work experience with Qualys Vulnerability Scanning platform a strong plus
- Security certifications or ITIL Foundations or equivalent certifications a definite plus
- Knowledge of regulatory and compliance-driven processes and activities to ensure enterprise compliancy to internal policies and regulatory requirements
- Experience with delivering according to instituted security or operational performance metrics a strong plus
- Prior experience in a financial industry organization a plus
17
Senior Analyst, Information Security Resume Examples & Samples
- Identify technical security issues and weaknesses and design solutions to prevent future re-occurrences. Conduct technical consulting where appropriate to different lines of business and IT. Advise internal lines of business, IT partners, and third parties on how to remediate technical security issues and verify remediation activities
- Responsible for in-depth technical security testing of company websites, network infrastructure, and applications using a combination of automated & manual commercial/open-source tools. Responsible for technical and executive level reports on identified security issues
- Serve as an internal information security consultant to the organization. Assist in the review of applications and/or technology environments to assess information security risk
- White Box or Black Box penetration testing experience. Knowledge in both types of testing environments is essential
- Event logging infrastructures such as Elasticsearch
- Existing and emerging techniques used by malware
- Security hardening techniques for Server OS (Windows, Unix & Linux), Databases (MySQL, Oracle, MS SQL), and Application Servers (JBOSS, WebSphere)
- Computer, systems and network architecture; operating systems, virtual environment, and networking protocols
- Compiled and interpreted programs, for example: database systems, web Servers, application Servers, mainframes, Firewalls, Routers, load balancers, Switches, and different types of Middleware
- Using commercial and open source security testing tools
- Reading and writing queries for logging infrastructures
- Reverse engineering complex code, using tools such as IDA Pro, OllyDBG and other similar tools
- Programming in 2 or more of the following; C, Java, .Net, SQL
- Shell scripting in 2 or more of the following; Perl, BASH, Python, Powershell, PHP, WMI, SED
- Using debuggers and/or decompilers
- Learn new skills through self-learning and on the job training
- Demonstrate strong verbal communications skills and concise written communication skills
- Manage competing priorities while maintaining organized and detailed reporting of status and progress
18
Analyst, Information Security Resume Examples & Samples
- Configure, document, and maintain various security devices (firewalls, proxy servers, email gateways, Host IDS, Network IDS, IPS, VPN, AAA devices, DNS servers, Assessment and monitoring tools)
- Examine existing infrastructure and identify weaknesses and propose remediation
- Perform regular assessments of the environment and its applications to document any risks
- Ensure adherence to information security policies and standards
- Maintain an in-depth knowledge of industry best practices, concepts and procedures
- Assist in Audit, policy management, patch management and incident management activities
- Bachelor’s degree in Engineering, Computer science or equivalent
- Information security related certification/s such as CISSP, CEH, GIAC
- Experience presenting to technical audiences
- Advanced level of understanding of UNIX/ Linux and Microsoft Operating Systems
- Candidate should be able to write best practice guides for securing and hardening systems and network devices
- Advanced level of understanding of routed and switched network
- Proficient with various tools used in information security (open source and commercial)
- Expert level understanding of IDS and IPS (open source and commercial)
- Process-oriented with high attention to detail
- Product specific certifications such as MCSE, CCNP, CCSP, RHCE is a plus
- Hands-on experience with performing applications assessments, code reviews and testing is a plus
- Knowledge of business, security and privacy requirements related to international standards and legislations such as ISO 27001, SOX, PCI, SAS-70 Type II
- Knowledge of BCP and DR plan requirements and testing procedures
- Knowledge of mainframes is a plus
19
Senior Analyst Information Security Resume Examples & Samples
- Serves as conduit between developers, architects and designers, and with internal business partner and/or vendor companies
- Demonstrate problem solving skills, have strong presentation and analytical skills, and possess a desire to work in fast pace environment
- 2-4 years Customer Service experience required
- 5+ years of relevant technical or business work experience
- Ability to interact professionally with a diverse group of employees, managers and executives
- Ability to work independently and manage one’s time
- Understanding of access requests and approval processes
- Enterprise level applications experience
20
Prin Analyst, Information Security Resume Examples & Samples
- Bachelor’s Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience
- Advanced knowledge of data security
- Requires familiarity with domain
- Comprehensive knowledge of the principles, methods, and techniques used in
21
Senior Analyst, Information Security Resume Examples & Samples
- Advising business and technology teams concerning information security risks and compensating controls that balance risk with project implementation
- Subject-matter guidance on information security requirements for Third Parties, business partners or vendors
- Working with legal team to ensure contract information security contract requirements are addressed
- Identification of information security risks in business partner or vendor agreements
- Performing enterprise risk assessments and ensuring that regulatory requirements are addressed (e.g. GLBA, FFIEC)
- Ensuring appropriate due diligence is conducted for merger and acquisition activities
- Identification of inherent information security risks resulting from business operations
- Managing Information Security risk acceptance requests are adequately documented, approved and tracked
- Building constructive and collaborative partnerships/relationships across the businesses and functions
- Reframing the way business partners view information security in their business and promote it as a value proposition
- Providing alternative options to business partners by translating emerging IT and business trends into risks and opportunities
- A minimum of 3 to 5 years of leading IT risk assessments, IT security audits or Information security due diligence assessments
- Identifying and promoting Information Security requirements within Third Party engagements, internal projects and existing processes/operations
- Negotiating Information Security contract language with Third Parties
- Application of information security technologies, frameworks and controls to address business risks
- Ability to convey complex information risk and security issues in a manner easily understood and actionable
- Certification as an information Systems Security Professional (CISSP, CISA)
- Negotiation and persuasion abilities
- Knowledge of relevant information security frameworks, standards and controls
- Knowledge of relevant financial industry regulations, with an emphasis on information security and privacy requirements
- Ability to evangelize information security while balancing counter-veiling pressures
22
Analyst Information Security Resume Examples & Samples
- Rapidly identify, categorize, prioritize and investigate events as the initial cyber event detection group for the enterprise using all available CSARC log sources
- Monitor incoming event queues for potential security incidents per operational procedures
- Perform initial investigation and triage of potential incidents, and escalate or close events as applicable
- Monitor CSARC ticket (and email) queue for potential event reporting from outside entities and individual users
- Maintain CSARC shift logs with relevant activity from your shift
- Document investigation results, ensuring relevant details are passed to Tier 2 for final event analysis
- Update/reference CSARC collaboration tool as necessary for changes to process and procedure, ingestion of daily intelligence reports, and previous shift logs
- 4 years of Information Technology related experience
- Experience monitoring services across multiple platforms
- Strong verbal and written communications
23
Principal Analyst, Information Security Resume Examples & Samples
- Computer security, specifically in a Window OS environment
- A thorough understanding of computer TCP/IP Networking
- Experience monitoring system consoles for possible security events and security incidents as a computer security analyst
- Experience conducting incident response duties related to malware infections, DoS attacks, email phishing attacks and rasomware/Command and Control types of incidents
- Experience with Trend Micro Tipping Point Devices is highly preferred
- Must be able to obtain a Public Trust clearance
24
Analyst, Information Security Resume Examples & Samples
- BlueCoat Proxy
- WebSense Web Security
- SourceFire IDS
25
Analyst, Information Security Resume Examples & Samples
- Manage and deliver certificates for the different KMS services
- Operate the security and key management systems used by the KMS within the boundaries of operational and security procedures
- Provide support to both internal and external customers, on both specific technical questions relating to the services as well as general operational or procedural aspects
- Contribute to the operational set-up of new security services offered by MasterCard and in the improvement of the operational efficiency of existing services
- Participate in the On-call rotation
26
Analyst Information Security Resume Examples & Samples
- Works as part of a multidisciplinary global & regional team in the delivery of information security and privacy monitoring and response services to the Africa retail and commercial enterprise
- Responsible for the monitoring and management of events, including notification, escalation response and post incident review
- Establish and deliver incident response and monitoring methods, tools and processes which provide the organization value by reducing risk
- Provide support in relation to the team functions as and when dictated by workloads and deadlines
27
Analyst Information Security Resume Examples & Samples
- Audit and monitor production system logs for unauthorized transactions and intrusions
- Assist in performing security risk assessments and disaster recovery/business continuity planning
- Assist in the development, implementation, and ongoing administration of the company’s information security policies, procedures, and guidelines and related documentation
- Provide analysis and recommendations for information security configuration to IT Project Managers
- Perform administrative functions to complete required tasks including recording issues into tracking system, checking voicemail/email, and documenting processes and issues
- Actively promote security awareness programs within the company
- On-call work (24x7) is required to respond to critical issues outside of business hours and some limited business travel is required
- Provide detailed verbal and written communication to management and peers
- Manage multiple projects with competing priorities including leading projects to install new security applications and technologies
- 3 to 5 years of information security experience that includes a 4 year degree, in Business or an IT Discipline, from an accredited University is strongly preferred
- Must be able to read, write, and fluently speak and understand the English language
- Industry certification such as; CISSP, MCITP, CISA, MCSE, or GIAC preferred
- Understanding of networking and communication techniques including WANs, LANs, Internet, Intranets, and protocols such as TCP, UDP, and IPSEC
- Ability to create and analyze system logs and network traffic captures from a security perspective; including anomalous traffic, intrusions, elimination of false positives, and recommendations for event tuning, using appropriate tools
- Security experience with networking technologies including, but not limited to routers, switches, and firewalls
- Understanding of industry best practices including ISO 17799/13335, NIST, COBIT, SANS, etc
- Experience developing, implementing and communicating security policies, standards, guidelines, and procedures
- Subject matter expertise in at least two technology-related disciplines; intrusion detection, antivirus, data loss protection, access controls, perimeter security, internet filtering, LDAP systems, Active Directory, Exchange, MS SQL, etc
- Ability to communicate, both written and verbal, with a variety of end users possessing a range of technological skills
- Satisfactory performance and attendance are required
- Candidates will be required to pass applicable American Airlines pre-hire compliance checks
- Must have acceptable credit history, which will be verified (e.g., no past due accounts, charge-offs, collection items or bankruptcies)
28
Analyst, Information Security Resume Examples & Samples
- Provide Information System Security Engineering expertise throughout the system’s entire lifecycle in accordance with Risk Management Framework (RMF) methodologies and DoD Instruction 8570.1-M
- Conduct Security Engineering of IA of DoD and Federal Information Systems, which will include developing security requirements, data gathering and documenting system security plans, risk assessments, contingency plans, security test and evaluation plans, security concepts of operations
- Develops, reviews, and maintains security policies and standards on commonly deployed systems
- Generates and reviews RMF packages
- Utilize knowledge and expertise in RPASOC, AF DCGS and FPED systems
- Contentiously monitor ACAS and NESSUS scan utility
- Prepare Assessment and Authorization packages
- Ensure all system security requirements are addressed during all phases of the system life cycle
- Provide assistance and guidance to Information Assurance I, when needed on more difficult technical problems and tasks
- Maintains job knowledge by studying state–of-the-art development tools, programming techniques, and computing equipment, participating in educational opportunities, reading professional publications, maintaining personal networks and participating in professional organizations
- Security+ or other 8570 certification required
- MUST HAVE a Top Secret Security clearance with SCI
- Experience with or knowledge of RPASOC, AF DCGS, or FPED systems required
- Knowledge of ICD 503 and NIST publications
- Experience in continuous monitoring using ACAS and NESSUS scan utility
- Familiarity with audit reduction tools
- Experience with EITDR, eMASS, and XACTA
- Proven expertise in preparing Assessment and Authorization (A&A) packages
- Must have experience with ensuring system security requirements are addressed during all phases of the system life cycle
- Ability to utilize computer skills to prepare appropriate reports and documents
- Familiar with a variety of the field’s concepts, practices and procedures
- Ability to lead and direct the work of lower lever IA’s
- Able to work in a fast-paced production environment with ability to handle multiple competing tasks and demands simultaneously
- Excellent communication, business analytical and problem-solving/trouble shooting skills
- Effective Customer Service and management skills/capabilities; including a demonstrated ability to work cross-functionally (internally) and/or externally
- Strong English language skills (both written and verbal)
- Interest in new technologies and the ability to adopt to those new technologies
- High level of drive and ability to learn
29
Analyst, Information Security Resume Examples & Samples
- Perform IT risk assessments of internal initiatives and critical third party/vendor relationships against criteria descending from industry standard information security frameworks and industry regulations, such as ISO/IEC 27001:2013, NIST SP 800-53, HIPAA, FERPA, SOX, and PCI-DSS 3.0
- Support engineering and maintenance of an eGRC platform to support the risk management and security operations functions
- Assist in the development of risk treatment plans to address areas of strategic and tactical IT and information risks in both business operations and technology paradigms
- Assist with development and maintenance of information security policies and standards
- Support development and maintenance of an information security compliance and metrics program for consistent management reporting of risks to sensitive information and technology resources across the enterprise
30
Senior Analyst, Information Security Resume Examples & Samples
- Administer the IdentityIQ Access Certification processes, ensuring compliance to all associated tasks and controls
- Manage incoming ServiceNow Incidents, Service Requests, Assessments, and Enhancements, ensuring compliance to established deadlines and service levels
- Enhance the scope of Access Certification processes by onboarding new applications in IdentityIQ
- Bachelors degree in related field or equivalent work experience
- 2+ years experience in related field preferred
- Experience with IdentityIQ preferred
- Proficient PC skills; including working knowledge of Microsoft Office products
- Expert knowledge of Microsoft Excel or Microsoft Access preferred
- Team player with the ability to multitask in a fast paced project environment
- Strong command of the English language, both oral and written
- Motivated self-starter with the ability to work well with all levels of the corporate structure
- Strong technical and IT experience required
- Applies working knowledge in the application of concepts, principles, and technical capabilities to perform varied tasks
- Works on projects of moderate scope and complexity
- Identifies possible solutions to a variety of technical problems and takes actions to resolve
- Applies judgment within defined parameters
- Receives general guidance may receive more detailed instruction on new projects
- Work reviewed for sound reasoning and accuracy
31
Senior IT Analyst, Information Security Resume Examples & Samples
- Participate in design, development, evaluation, and integration of computer systems and networks to maintain system security
- Research, recommend, and implement changes to procedures and standards to enhance information systems security
- Work with management to identify sensitive and critical data, understand departmental information security needs, and to develop procedures to accommodate those needs
- Identify potential threats and respond to reported security violations. Determine causes of security violations; recommend and implement corrective actions to ensure information systems security
- Participate in developing and communicating security procedures and guidelines to users
- Administer user access and maintain records of authorized users
- Participate in projects designed to enhance information system security
- Assist in developing security systems for any manual or automated systems
- Education:Bachelor’s degree (B.A./B.S.) or equivalent in computer science or related discipline
- Experience: Minimum of 2 years related experience in IT
- Certification/Licensure: None
- Other: Must have good general knowledge of functional IT area, effective communication skills and good interpersonal skills
32
Analyst, Information Security Resume Examples & Samples
- Performs system account access function to include creating accounts and imaging workstations, laptops, servers, and other networked equipment/systems
- Assits with documentation and accreditation requiremetns to include Risk Mangement Framework tools, etc.
- 2-5 years of related experience in data security administration and system/desktop support. Must meet 8570.1 certification requirements to include baseline and computing environment certifications. Must have COMPTIA Secuirty+ (CE) certifcation prior to start
33
Analyst, Information Security Resume Examples & Samples
- Participates in the development of security policies, standards, and processes to protect the Company’s information resources
- Creates and implements firewall rules and policies
- Designs firewall architecture concepts and designs
- Supports the development and management of next generation firewalls
- Provides VPN, proxy and other critical access management support
- In depth experience with Firewall engineering concepts and families (such as CISCO)
- Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance
- Works with the IT department and members of the information security team to identify, select and implement technical controls
- Researches, evaluates and recommends information-security-related hardware and software, including developing business cases for security investments
- Proactively monitors and administers security systems for anomalies and threats to the Company’s computing environment. The security systems may include, but are not limited to firewalls, intrusion prevention & detection (IDS/IPS), vulnerability scanning systems, Security Information and Event Management (SIEM), Log Management and Information (LMI), Internet access management systems, endpoint security systems, and Data Loss Prevention (DLP)
- Performs issues categorization and in-depth analysis of security events. Conducts all necessary follow-up actions of vulnerability and/or security incident resolution
- Performs network and host forensic activities based on security investigation requirements
- Cross-trains with team members on technology, processes, and procedures
- The ability to interact with CommScope’ s personnel at all levels and across all business units and organizations, and to comprehend business imperatives
34
Analyst, Information Security Resume Examples & Samples
- Maintains an awareness of state and federal regulations/legislation and other governing requirements
- Works on a project basis to address Molina compliance as mandated by HIPAA Security, Sarbanes Oxley Act and State & Federal Regulations
- Evaluates and provides recommendations to the IT development teams and third parties on how to address areas of non-compliance
- Works with Molina IT areas and appropriate business owners to ensure new and existing applications and systems comply with Molina security policies
- Works to ensure systems and data are protected in an appropriate manner
- 1-3 years
35
Senior Analyst, Information Security Resume Examples & Samples
- Maintain and manage Information Security tools and technologies (including SIEM, IDS/IPS, Anti-malware, Vulnerability Management scanners)
- Troubleshoot configuration and performance issues with Information Security tools and technologies
- Participate or lead security incident response and remediation efforts
- Actively work to reduce Bombardier’s security risks
- You are experienced with security incident response planning and execution
- You are well-versed in UNIX, Linux & Windows security including system hardening
- You have a strong working knowledge of network configuration, infrastructure and administration
- You have a minimum of 5 years’ experience in Information Security or related functions
- You have an understanding of current security-related standards including ISO, ITIL
- You have a background in technical IT roles such as network administration, architecture, systems management or application support
- You are able to work on-site in either Montreal, QC or Toronto, ON and are fluent in French & English
36
Analyst, Information Security Resume Examples & Samples
- Collaborating to solve complex security problems as part of a highly dynamic, close knit team of dedicated security professionals
- Managing the effective response to security related incidents in accordance with the established incident response framework
- Analyzing, managing, and documenting alerts from various information security controls
- Deploying and managing information security controls
- Collecting relevant data to support the preparation of the information security dashboard
- Participating in the administration of information security related governance activities
- Performing real-time monitoring of third party threat intelligence feeds, forums, and mailing lists to gather information on vulnerabilities, exploits and threat actors applicable to the fund
- Producing threat intelligence reports to support operational and strategic security planning work-streams
- Assessing security incident trend data to determine systemic operational risks and then supporting the development of solutions to mitigate risks
37
Senior Analyst, Information Security Resume Examples & Samples
- Work with business units and other risk functions to identify security requirements, using methods that may include risk and business impact assessments
- Manage completion of information security operations documentation, including policy development
- Play an advisory role in application development, infrastructure engineering and/or acquisition projects to assess security requirements and controls, and to ensure that security controls are implemented as planned
- Assist and manage with enterprise-wide risk assessment processes
- Drive cross-functional remediation of previously identified security risks and close out pending action plans
- Proactively collaborate with service providers to understand operational findings and drive the appropriate company response
- Architect, develop, deploy and support information security systems and solutions such as strong authentication, key management, IPS, SIEM, antimalware, and others
- Interact with internal and external customers on security-related projects and operational tasks
- Participate in 24x7 Information Security Response team
- Report to company management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance
- Performs security due diligence assessments with vendors and contractors
- Researches, evaluates, and recommends information security related hardware and software, including developing business cases for security investments
- Manage services to analyze, monitor, track and report behavior/tasks logged by assets in the form of incidents to ensure the company is protected from any potential leaks or malicious activities
- Read and understand system data, including, but not limited to, security and network event logs, syslogs, and firewall logs
- Participate in the security awareness training program review and development
- Perform risk and security assessments to identify control weaknesses and recommend remedial actions for any issues found. Manage and track competition of remedial actions
- Manages relationship with the audit groups (both internal and external). Provides information as requested, receives audit findings, and manages the collection of responses and remediation plans with owners
- Maintains an awareness of existing and proposed security standard setting groups, state and federal legislation and regulations pertaining to information security. Identifies regulatory changes that will affect information security policy, standards and procedures, and recommend appropriate changes. Works with other groups and assists in the development of security architecture and security policies, principles and standards
- Develop and maintain an open and candid relationship with the management through regular contact to discuss all important matters and to make suggestions for improvement
- Seek out and identify new opportunities for reducing cyber corporate risk
- At least 8 years of experience in the Information Security domain[s] and 10+ years overall technology experience
- Experience in IT regulation and compliance standards, such as PCI/DSS, ISO 27001/27002, NIST 800-53, Center for Internet Security top 20 Critical Controls
- Practical use and implementation of solid knowledge of information security principles and practices for a public corporation; Understanding of IT methodologies, such as software development lifecycle and ITIL operations
- Foster and support a collaborative, harmonious team environment that raises information security knowledge for everyone
- Critical thinking and strong judgment skills
- Successful relationship management skills
- Ability to successfully negotiate and resolve conflicts
38
Analyst, Information Security Operations Resume Examples & Samples
- Responsible for the tracking and assignment of tickets/events to Security Operations Team
- Participate in the health maintenance & monitoring of the security tools
- Participate in the response operations and investigative processes related to cyber security events
- 1 -2 years work experience in computer security, network operations, or information security. A combination of commensurate school or training experience may also be considered
- Broad knowledge of information systems and networking technologies, demonstrating understanding related to the functionality of, secure configuration of, and security logs produced by those information systems
- Knowledge, skills, and abilities to conduct cyber-related or cyber-facilitated activities
- Degree in Computer Science or computer security certifications
- Strong interpersonal, analytical, organizational, written and verbal communication skills
- Customer service experience, working with users over the phone, via email, and in person
- Self-motivated with the ability to work independently
- Experience in analyzing events, and incidents related to computer security
39
Senior Analyst, Information Security Engineer Resume Examples & Samples
- Manage relationships and consult with business, technical, and other key partners on relevant information security systems, best practices, and trends
- Serve as security expert for day-to-day inquiries related to security/confidentiality and consult and provide suggestions to management on security related matters
- Take a leading role in securing the Kiewit systems and data from potential threats or compromise
- Actively participates in leading, creating and implementing improvements in security threat monitoring, attack methods, and incident response
- Evaluate new and existing projects and technologies related to information security and consults with IT projects to provide guidance on security architecture and security posture to ensure that risk is appropriately addressed
- Ensure processes and products that are under consideration by Kiewit meet Kiewit security standards and evaluate contractual requirements relative to systems capabilities to ensure they meet security requirements
- Participate in the interpretation, revision, distribution and enforcement of Information Security Policies, Standards and Procedures
- Define, analyze, evaluate, and provide process oversight for the implementation of security solutions and operational security tools to meet business needs
- Mentor team members and assists them in developing greater knowledge in the toolsets
- Design and implement systems’ security defenses and capabilities
- Partner with the Security Operations team to investigate security incidents and potential compromises to our systems and take actions to protect Kiewit systems
- Review current security capabilities, evaluate system changes across the organization and continually evaluate our systems exposure to existing threats, security risk and impact, and provide advice on mitigating controls
- Stay informed and tuned to security industry trends, potential threats and vulnerabilities
- Proficiently conduct technical assessments and security requirement analysis of information systems
- Have technical understanding of emerging technologies and their implementation within the Kiewit network environments
- Bachelor's degree in computer-related field such as Information Assurance, Computer Science, Mathematics or Engineering (or equivalent combination of education and experience)
- 8+ years’ professional experience in Information Security, Risk Management, IT Controls or related area
- 5+ years’ related work experience required in security engineering, risk and governance
- Nice to have: GCIH (GIAC Certified Incident Handler), GCIA (GIAC Certified Intrusion Analyst), GMON (GIAC Continuous Monitoring), CEH (Certified Ethical Hacker) CCNA (Cisco Certified Network Associate), ISSEP (Information Systems Security Engineering Professional), CISM (Certified Information Security Manager)
- In-depth understanding of security related technologies such as encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, and access lists
- Strong interpersonal, oral, and written communication skills
- Strong understanding of and extensive experience working with automated information security assessment and risk management/remediation tools
- Must be able to Identify issues, obtain relevant information, relate and compare data from different sources, and identify alternative solutions
- Must be able to provide guidance and feedback to help an employee or groups of employees strengthen their knowledge, skills and abilities to accomplish a task or solve a problem
- Must have the ability to write technical information in a clear and concise manner and to be able to convey information appropriately for a variety of audiences
- Must be highly motivated, self-starting and self-directed with the ability to multi-task, work independently and as a part of multiple teams
- Experience with requirements analysis, architect, design, and documentation development of cybersecurity and information security solutions
- Knowledge of the system development life cycle and configuration management
- Experience with tools and scanners used to evaluate the security posture of the systems/environment
40
Analyst, Information Security Resume Examples & Samples
- Work on integrating servers and systems from across the company with Oracle Privileged Account Management system
- Integrate applications with Web Access Management system for Single Sign ON and secure authentication
- Monitor the health of IDM platform and implement support processes
- Triage issues while working on P1 calls and escalations
- Solid knowledge of any Privileged Access Management System and/or other Identity Management products
- Working knowledge of Apache, Weblogic, LDAP, and Linux configuration
- Track record of being customer-focused under pressure
- Build knowledge and expertise of security tools, services and technologies, in particular SPGI’s use of the Oracle Identity and Access Management suite
- Form working relationships with multiple technology teams across SPGI
- Triage incidents in Production and Test environments, including system issues and user onboarding queries that cannot be resolved by Level 1 support. Although this role is shift-based, occasionally you will need to work outside of business hours or on weekends. Your success in improving platform stability directly minimizes these support calls!
- Bachelor's degree in Computer Science, Information Technology or MCA
- Minimum 2-3 years of experience in a support role, including optional 1 year of experience in application security
41
Senior Analyst, Information Security Resume Examples & Samples
- Partner with key organizational stakeholders to develop, assess, and ensure appropriate controls and security measures are designed into IT solutions
- Builds and manages the deployment of technical standards and processes
- Lead evaluations, recommendations (and where required, projects) of specific tools and technology deployed to enhance Information Security within the organization
- Perform security reviews of IT systems and controls against approved internal technical standards
- Manage incident response and post-mortem investigations/reporting of critical security incidents
- Lead risk assessments to identify technology and business process risks using methods that may include business impact assessments, evaluation of control environments, review of SSAE 16 reports, and ability to analyze above data and produce intelligent risk statements and risk reports
- Coach and mentor peers and associates in the area of security and systems solutions
- University degree (computer sciences and/or engineering) highly desirable. Must have a current CISSP or related advanced IT security certification
- Minimum eight years of experience in Information Technology and/or networks
- Minimum five years of experience in Information Security related positions, of which a minimum of three years of experience in Enterprise Security design-related roles such as network, infrastructure, information, and application design
- Minimum one year supervisory or team-lead experience
- Adept to take on various roles, both on a technical, administrative, and project level
- Strong facilitation skills and a clear ability to build strong relationships with business and technical stakeholders at all levels
- Proficient understanding and experience with core technologies such as (but not limited to) MS Active Directory, MS Exchange, MS Window Servers, Mobile Management, Networking devices and protocols. Experience with SAP GRC would be considered an asset
- Proficient understanding and experience with security related tools and controls such as SIEM, IPS, Firewalls, End Point Protections, and Network Access controls. Exposure to an Identity Access Management system is considered an asset
- Experience using both network and application vulnerability testing tools
- Previous experience in implementing controls from the ISO 27000 framework
- Strong interpersonal and communication skills, including ability to write professional business reports and conduct oral presentations
- Sound understand of Project management principles with experience driving successful outcomes
- Thorough, detail-oriented and highly organized
- Self-motivated individual with ability to prioritize and complete tasks with minimal supervision
- Self-motivated, with leadership skills; dedicated with a desire to learn
42
IT Security Analyst, Information Security Resume Examples & Samples
- Bachelor’s degree in Computer Science or Electrical, Mechanical, or Computer Engineering or an applicable field
- Ability to develop moderately complex applications utilizing common languages such as Java, Python, C, or C++
- Solid understanding of the legal, ethical, managerial and organizational principles and standards for acute care hospitals and multi-facility health systems in California
- Certified in Risk and Information Systems Control (CRISC)
