Senior Info Security Analyst Resume Samples

4.6 (108 votes) for Senior Info Security Analyst Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the senior info security analyst job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Resume Builder
CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Create a Resume in Minutes
AM
A Miller
Anibal
Miller
31088 Durgan Greens
Chicago
IL
+1 (555) 959 5646
31088 Durgan Greens
Chicago
IL
Phone
p +1 (555) 959 5646
Experience Experience
Detroit, MI
Senior Info Security Analyst
Detroit, MI
White, Bogisich and Konopelski
Detroit, MI
Senior Info Security Analyst
  • Management action plan development, maintenance, and monthly status reporting Risk management
  • Develop innovative security solutions to protect Visa’s products/services and provide Visa with new threat detection and prevention capabilities
  • Work closely with the risk team to understand the threats involved in our realized risk, and to provide recommendations that improve our security posture
  • Create innovative in-house control capabilities to assist in the automation of existing security operations functions
  • Document and develop tools to assist Security Operations personnel in log collection and review
  • Assists with and/or performs special projects as requested
  • Recommend process improvements and work with the Organizational Effectiveness team to implement changes
Los Angeles, CA
Biso Analyst / Senior Info Security Analyst
Los Angeles, CA
Cassin Group
Los Angeles, CA
Biso Analyst / Senior Info Security Analyst
  • Provide subject matter consulting for ad hoc guidance requests involving IT risk
  • Develop and maintain strong business and technology relationships, becoming a trusted partner to the business units that they support
  • Provide subject matter expertise, guidance and direction into Information Technology policy, standards and controls and IT Risk programs
  • Partner with the rest of the IT Risk and Security organization to ensure program consistency, develop information security risk strategies, implement action plans, and recommend policy and procedural changes for risk avoidance and mitigation
  • Communicate the practical implications of IT risk treatment decisions to business and technology individuals
  • Build a culture and climate focused on the pro-active awareness of, and continuous improvement in, the technology risk environment
  • Provide mentoring to junior analysts, assist in the development of a training program, and conducting training to provide exposure and continued growth
present
New York, NY
Senior Info Security Analyst Privileged Access Management Database
New York, NY
Eichmann-Stokes
present
New York, NY
Senior Info Security Analyst Privileged Access Management Database
present
  • Diligently document access management procedures; keep the access management procedures up-to-date
  • Identify, analyze and implement process improvement opportunities for the management of Database Privileged Access on the various OS platforms (Windows, UNIX, Mainframe/ Tandem)
  • Actively participate in Identity Access Management (IAM) integration and automation effort and ensure alignment to Visa IAM strategy and security policies/standards
  • Proactively identify audit and compliance access related issues to reduce the risk of security exposures on the support databases and systems; coordinate access management related audit and compliance tasks, such as user privileged access reporting and other relevant research and investigation
  • Good working knowledge of Identity Access Management lifecycle and processes, incl. role-based access controls
  • Act as Subject Matter Expertise (SME) over IAM practices, policies and procedures for the access management of Databases (i.e. DB2, Oracle, MSSQL, MySQL)
  • Flexibility to work after hours and weekends to accommodate and support the existing servers/ applications maintenance windows
Education Education
Bachelor’s Degree in Computer Science
Bachelor’s Degree in Computer Science
Colorado State University
Bachelor’s Degree in Computer Science
Skills Skills
  • Demonstrate the ability to apply and adapt to information security best practices suitable and palatable to Turner's business culture
  • Proficient use of RSA Archer and Tableau Server/Desktop HIGHLY DESIRED
  • Detail-oriented, committed to quality
  • Have a strong work ethic, attention to detail, and organizational skills
  • Strong technical, operational expert that can implement technology that enables business processes
  • Good judgment and analytical skills, strong follow-up and organizational skills are paramount skills for the successful candidate
  • Strong presentation skills, including the ability to prepare materials for presentation to a senior management level audience
  • Strong client relationship and leadership skills. Highly self-motivated/works independently
  • Strong ability to understand an audience and author and deliver impactful presentations, documentation, and metrics
  • Strong interpersonal and collaboration skills with the ability to develop, maintain and foster constructive relationships with others
Create a Resume in Minutes

6 Senior Info Security Analyst resume templates

1

Senior Info Security Analyst Resume Examples & Samples

  • Respond to computer security incidents by collecting, analyzing and
  • 5+ year's industry experience in a large, complex environment
  • Network intrusion methods, network containment, and segregation
  • Firewall configuration and features experience
  • Network and platform based security techniques experience
  • Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS), both
  • Knowledge of incident response and crisis management
  • Ability to assess security incidents quickly and effectively and communicate
  • Knowledge of Mac OSX operating systems
  • Penetration testing experience
  • Knowledge of computer forensics both host and network based
  • Experience working with Encase, FTK and open source forensic tools
  • 2+ year's incident response experience
2

Senior Info Security Analyst Resume Examples & Samples

  • Minimize the dwell time of threat actors by monitoring, triaging, and responding to security events, while maintaining thorough documentation in the case management system by actively hunting for and dissecting previously unidentified threats in the environment with little-to-no direction and define relationships between seemingly unrelated events through deductive reasoning
  • Provide mentorship and guidance to other detection analysts, to help them develop in their ability to recognize, triage, and intake security incidents
  • Serve as detection subject matter expert and use standard procedures and plays to correctly validate the classification and filing of incidents by others on the detection team; likewise ensure that classification of unfiled events of interest are not incidents
  • Create innovative in-house control capabilities to assist in the automation of existing security operations functions
  • 5 years information security experience in Security Operations or related technical security function
  • Deep and applied technical knowledge and experience in handling security incidents, to include reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs) with a strong desire to apply this experience to the automation of security operations
  • Above all else, the applicant must be passionate about identifying malicious attackers, and understanding attack vectors, threat tactics, and attacker techniques and will distinguish applicants
  • Must be able to proactively perform duties and responsibilities with little-to-no direction
  • Must have strong verbal and written communication skills, with equally strong multi-tasking and documentation skills
  • Solid experience in scripting languages such as (or similar to) Python, PERL, and Ruby is a plus
3

Senior Info Security Analyst Resume Examples & Samples

  • Partner with the rest of the IT Risk and Information Security organization to ensure program consistency, develop information security risk strategies, implement action plans, and recommend policy and procedural changes for risk avoidance and mitigation
  • Provide subject matter expertise, guidance and direction into Information Technology policy, standards and controls and IT Risk programs
  • Coordinate with IT Risk Service groups on internal and external audits
  • Track risk mitigation activities to ensure accurate and appropriate reporting to ensure that leadership is informed in a timely manner
  • Build a culture and climate focused on the pro-active awareness of, and continuous improvement in, the technology risk environment
  • Excellent verbal and written communication skills enabling candidate to prepare and present to all areas of the business, including senior management
  • BA/BS or equivalent combination of work experience and professional certifications
4

Senior Info Security Analyst Resume Examples & Samples

  • Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS),
  • Ability to assess security incidents quickly and effectively and
  • Malware analysis, virus exploitation and mitigation techniques
5

Senior Info Security Analyst Resume Examples & Samples

  • Receive, curate, and disseminate threat intelligence from manual and automatic sources (internal and external). Add context to inform the urgency, severity, and credibility of threat indicators
  • Respond to high-urgency and high-severity threat indicators by providing written summaries of actionable information, guidance, and other relevant information for stakeholders
  • Assess and analyze new sources of threat intelligence information
  • Collaborate with members of the detection (SOC), response (CSIRT) and content (SIEM) functions to ensure that threat intelligence is appropriately categorized and available for use in identifying active threats against business assets
  • Establish and cultivate relationships with individuals, organizations, and threat-centric communities in the computer security and threat intelligence field to promote the appropriate exchange of threat intelligence, threat feeds, and response activities
  • Ensure that work is timely, accurate, and factually supported. Ensure that opinions, conjecture, and low-credibility information are clearly delineated from facts and objective evidence
  • Partner with all TIAA-CREF business lines to understand the use of Threat Intelligence communications, and to create and promote improvements to Threat Intelligence delivery and actionable usage
  • Work closely with the risk team to understand the threats involved in our realized risk, and to provide recommendations that improve our security posture
  • 5+ years industry experience in a large, complex environment
  • 2+ years industry experience in intelligence collection and analysis or incident response
  • Proficiency in Windows & UNIX
  • Coding (scripting) experience, e.g. Perl, VB Script, Python, etc
  • Data management experience (e.g. database or knowledge base management, document repository management, etc.) that demonstrates ability to classify, normalize, store, and manage complex datasets (written data and metadata as well as structured threat data) related to threat intelligence
  • 4 year degree in CS or infomation systems
  • Information Security certifications preferred
6

Senior Info Security Analyst Resume Examples & Samples

  • Research and rate vulnerabilities
  • Maintain optimized schedule of vulnerability scanning
  • Provide support (Ad-hoc scanning) for incident response and remediation teams
  • Data verification of all scan operations
  • Operational reporting of scan operations
  • Identify automation opportunities for Vulnerability Identification Team
  • Maintain operational documentation for Vulnerability Identification Team Processes
  • Participate in vulnerability management groups providing in depth knowledge of emerging/trending threats
  • Liaison regarding Database scanning and remediation
  • Manage official list and details around all data sources connected with VM
  • Maintain detailed dataflow diagram
  • 3-5 years or more of related experience in Information Security performing any of the following: vulnerability assessment, vulnerability scanning, database vulnerabilities, data at rest, networking
  • Understanding of current threats and exploits to include experience with threat remediation
  • Understanding of operating systems and infrastructure security configuration
  • Experience with infrastructure vulnerability assessment tools
  • Understanding of common security issues & risks
  • Ability to communicate technical information in understandable business terms
  • Ability to have good working relationships with outside vendors and developing relationships with professional organizations, peer groups, and industry trade groups and conferences to stay current with technology
7

Senior Info Security Analyst Resume Examples & Samples

  • Audit coordination and facilitation (Internal Audits, External Audits, Regulatory Exams)
  • Management action plan development, maintenance, and monthly status reporting Risk management
  • Supplier risk program support
  • Key audit-related documentation maintenance and storage - Provide audit, risk, and control related guidance and training as needed to Production Services staff
  • Minimum 5 years of hands-on experience and knowledge in audit process, project management practices, federal regulations, and SSAE 16 reviews REQUIRED
  • Minimum 5 years diverse experience working with IT processes and technology infrastructure
  • Minimum 5 years experience in IT risk, IT security risk
  • Excellent understanding of IT and its alignment with business processes
  • Comfortable working closely and building relationships with senior-level management
  • Demonstrated ability to coordinate and lead distributed teams without authority and deliver on time
  • Excellent interpersonal and negotiation skills
  • Proactive and self-motivated
  • Must foster an environment of collaboration and continuous improvement
  • Must be extremely detailed oriented with respect to documentation and communication
  • Strong management, analytical, problem solving, and troubleshooting skills
  • Strong leadership skills that inspire team confidence and respect wile motivating team members in a creative and effective manner
  • Must be comfortable escalating issues and challenges encountered for appropriate resolution
  • Proficient in utilization of MS Office products, including Excel, PowerPoint, and Word
  • CISSP & PMP certifications
8

Senior Info Security Analyst Resume Examples & Samples

  • Assisting with coordinating state and federal regulatory compliance related activity involving Information Technology (regulatory examinations, related preparations, etc.)
  • Coordinating assigned documentation, artifacts and reviews with risk partners (SMEs, audit, compliance, legal, risk management) in support of IT regulatory activity
  • Prepare and present to all areas of the business, including senior management
  • Assisting with drafting and reviewing Information Technology policies, standards and procedures, including management of the system of record for IT Policies and Standards
  • BA/BS degree or equivalent combination of minimum 3 years work experience and professional certifications REQUIRED
  • Minimim 2-3 years’ of experience working within the Information Security or Information Technology fields REQUIRED
  • Minimum 2-3 years of Working experience and knowledge of Federal Financial Institutions Examination Council (FFIEC) guidance, GLBA, Sarbanes-Oxley and other relevant laws and regulations REQUIRED
  • Minimum 2-3 years of experience with IT policies, standards and/or procedures and working knowledge of industry-recognized information security-related standards such as ISO2700x, COBIT, PCI-DSS, NIST, etc. REQUIRED
  • Proficiency with spreadsheet and presentation tool skills (MS Excel and MS PowerPoint) HIGHLY DESIRED
  • Ideally 5-7 years’ experience working within the information security or information technology fields
  • 2-3 years’ experience in the banking industry directly addressing federal banking regulatory requirements and examinations or writing IT policies or standards
  • 2 -3 years’ experience writing IT policies, standards and/or procedures
9

Senior Info Security Analyst Resume Examples & Samples

  • Act as Subject Matter Expertise (SME) over IAM practices, policies and procedures for Windows systems, Active Directories, and Privileged Access Management
  • Identify, analyze and implement process improvement opportunities on existing access management practices and solutions to streamline existing manual process
  • Bachelor degree in computer management, information security or equivalent job experience
  • 5 to 10 years computer security experience required
  • Proven systems infrastructure related experience such as
  • Design & implementation of multi forests Active Directory infrastructure
  • Knowledge in securing Active Directory infrastructure and access
  • Windows & AD related scripting (eg Powershell, VB, WMI)
  • Windows systems and Active Directory security & monitoring
  • Good working knowledge of Identity Access Management lifecycle and processes, incl. role-based access controls
  • Have an attention to detail and advanced analytical and troubleshooting skills
10

Senior Info Security Analyst Resume Examples & Samples

  • Develop and maintain strong business and technology relationships, becoming a trusted partner to the business and technology units
  • Support technology organizations through internal and external audits
  • Support the IT Risk and Information Security organization as an IT Audit
  • Liaison to manage internal audits and audit action plans as well as provide guidance and consultation to all audit activities
  • Coordinate external (SOX and SSAE16) audits for all IT organizations in partnership with IT Audit Liaisons
  • Partner with IT Risk teams to ensure program consistency, develop IT Risk strategies and recommend process enhancements to support the framework and key deliverables
  • Build a culture and climate focused on the pro-active awareness of, and continuous improvement in the technology risk environment
  • Minimum 3-6 years’ experience working within the information security, IT Risk or audit fields REQUIRED
  • Minimum 2-4 years’ experience in the financial services industry or Big-4 in a role specific to risk management, audit or information security REQUIRED
  • Minimum 3 years'audit experience specifically with SOX/SSAE16 testing REQUIRED
  • Demonstrated knowledge of internal audit processes
  • Excellent verbal and written communication skills enabling candidate to prepare and present to all areas and levels of technology and business, including senior management
  • Strong client relationship and leadership skills
  • Detail-oriented, committed to quality
11

Senior Info Security Analyst Resume Examples & Samples

  • Perform risk assessments of application solutions, software, IT infrastructure or vendor engagements
  • Lead risk assessment workshops and facilitate identification of key risks and controls
  • Evaluate application solutions to identify risks and leverage relevant controls
  • Provide risk-based control recommendations for IT applications
  • Effectively document and communicate findings and reports using SharePoint, Archer and other automation tools
  • Participate in risk acceptance and monitoring process and make recommendations for bringing controls into compliance
  • Support program level design and implementation guidance for the assessment program as it fits into the IT Risk Framework; design or enhance existing processes or procedures
  • Bachelor’s Degree in Computer Science, Information Technology or related discipline
  • Minimum 3 years’ experience performing secure design, security testing or risk assessments, strong preference for doing so with software and/or new technologies
  • Minimum 3 years additional experience in related Information Technology area
  • Working knowledge and understanding of regulatory compliance concerns, data protection / PII, and industry standard security and risk framework
  • Industry certifications from ISC2, ISACA or similar
  • Master’s Degree in Information Technology
  • Experience in systems security administration, Federal Security assessments, and/ or conducting assessments with a major consulting firm
12

Senior Info Security Analyst Resume Examples & Samples

  • Respond to computer security incidents by collecting, analyzing and preserving digital evidence
  • Ensure that all incidents are recorded and tracked in accordance with audit and legal requirements
  • Communicate effectively with representatives of the Lines of Business, technology specialists, and vendors
  • Gather and analyze forensic evidence for all computer security incidents
  • Partner with all TIAA-CREF business lines to investigate computer intrusions, DoS attacks, social engineering and electronic loss of data
  • Advise business partners on issues of suspicious or malicious computer network activity
  • Work closely with the risk team to assess risk and provide recommendations for improving our security posture
  • Conduct advanced computer and network forensic investigative functions relating to various forms of malware analysis, computer intrusion, theft of information, denial of service and multi-national organized criminal groups
  • Liaison with Cyber Investigations regarding insider threats and code of conduct violations
  • Bachelor's Degree in Computer Science or related field REQUIRED
  • Minimum 5 years of overall IT security industry experience in a large, complex environment REQUIRED
  • Minimum 2 years of incident response experience REQUIRED
  • Minimum 2 years of experience working with incidence response tools such as Encase, FTK, F Response (or similar), and open source forensic tools HIGHLY DESIRED
  • Network intrusion methods, network containment, and segregation techniques and technologies experience
  • Coding (scripting) experience e.g. Perl, VB Script, Python, etc
  • Ability to assess security incidents quickly and effectively and communicate a course of action to respond to the security incident while mitigating risk and limiting the operational and reputational impact to TIAA-CREF
13

Senior Info Security Analyst Resume Examples & Samples

  • Analyze security gaps in mobile technologies and frameworks that lack standard validation methodologies and incorporate remediation practices to reduce risk posture of Visa products and assets
  • Develop tools and frameworks required to perform advanced and complex mobile security assurance and ethical hacking activities
  • Collaborate with product development and solution teams proactively, to manage software security risk aligned with business goals
  • Build secure products and standards around emerging technologies and fields lacking existing standards and security practices
  • Two to three years of relevant experience in mobile security – code review, penetration testing, mobile security research on iOS, Android or Windows Ph platforms
  • Expertise and strong understanding of standard and advanced security issues and vulnerabilities – OWASP Top 10, SANS Top 25
  • Strong understanding of MDM solutions, provisioning profiles, device data protection and platform security features will be a bonus
14

Senior Info Security Analyst Resume Examples & Samples

  • Design sustainment strategies and measurement systems to ensure that risk management techniques and strategies can continue to be maintained over time
  • Develop and nurture trusted relationships with Business Partners, VISA IT Executives, Security & Compliance Officers and other Compliance Team Members to gain consensus approvals on strategies, recommendations, findings, project plans, etc
  • Knowledge and understanding of emerging technologies including but not limited to mobile technology
  • Bachelor degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or other related field. (Master degree is preferred.) Significant and relevant technical experience meeting the job description may be substituted for degree requirements
  • 5 – 7 years experience providing information security or information technology consulting services to a broad range of companies and/or federal and state agencies
  • 5 – 7 years of progressively responsible management experience in the following areas: planning, budget/forecast/financial management, and staffing
  • Big Four Consulting experience (E&Y, PwC, Deloitte or KPMG)
  • Solid understanding of Enterprise Risk Management and Strategy frameworks as well as understanding of current enterprise threat scenario as related to financial industry
  • Demonstrated ability to manage implementations of large-scale, complex, multi-disciplined, cross-functional and highly visible projects/programs
  • Current information security and compliance vendor landscape
  • Control frameworks such as COSO
  • Certified Information Security Auditor/Manager (CISA/M) designation or CISSP
15

Senior Info Security Analyst Resume Examples & Samples

  • Partner with IT Risk teams to ensure program consistency, develop IT Risk strategies and recommend process enhancements to support the IT Risk framework
  • Implement and operationalize a governance program to provide visibility to various levels of Senior Management around issues and exceptions to policies
  • Develop and maintain IT Risk service strategy metrics and reports
  • Minimum 3 years of experience working within the Information Security and/or IT Risk fields REQUIRED
  • Minimum 2 years of experience in the financial services industry REQUIRED
  • BA/BS in Computer Science, Information Systems, Business Administration or a related discipline; or equivalent combination of 5 years work experience and professional certifications REQUIRED
  • Strong presentation skills, including the ability to prepare materials for presentation to a senior management level audience
  • Strong relationship and leadership skills
16

Senior Info Security Analyst Resume Examples & Samples

  • Develop new SIEM/SEIM content (ArcSight) including rules, active lists, aggregations, dashboards, trends, and alerts that appropriately characterize the importance of events of interest found in the TIAA-CREF operational environment
  • Provide business requirements to peer teams within TIAA-CREF that relate to the governance, development, and sustainability of logging related to security-relevant events Support for security operations for potential crisis situations, with 24x7 availability as needed
  • Participate in information security audits, ensuring the technical compliance with related (e.g. PCI, SOX, etc) regulatory requirements
  • Collaborate with others inside of IT Risk and Information Security, as well as elsewhere in the business, to ensure excellence
  • Minimum 5 years experience in information technology and/or information security
  • Minimum 2 years in log review, analysis, and design of searches / alerts to bring actionable intelligence from logs
  • Experience in managing, engineering, or developing content for centralized logging solutions with ArcSight or comparable solution (Splunk, ELK, etc)
  • Familiarity with a broad range of security technologies and how they function, as well as non-security devices and how their log outputs can indicate security incidents IP Protocol Suite; knowledge of TCP/IP protocols
  • Understanding of ArcSight engineering a plus
  • Ability to identify both tactical and strategic solutions. Shell scripting, Python, Perl, or other scripting
17

Senior Info Security Analyst Resume Examples & Samples

  • Receive, curate, and disseminate threat intelligence from manual and automatic sources (internal and external)
  • Add context to inform the urgency, severity, and credibility of threat indicators
  • Collaborate with members of the detection (SOC), response (CSIRT) and content (SIEM) functions to ensure that threat intelligence is appropriately categorized and available for use in identifying active threats against business assets Support for security operations for potential crisis situations, with 24x7 availability as needed
  • Work closely with the risk team to understand the threats involved in our realized risk, and to provide recommendations that improve our security posture Analyst” file
  • Minimum 5 years industry experience in a large, complex environment
  • Minimum 2 years industry experience in intelligence collection and analysis or incident response
  • Strong written communication; able to present succinct and professional written communication for a variety of audiences (e.g. technical, non-technical, executive, business stakeholders, etc.)
  • Strong collaborative and social skills, comfortable making business connections, building trust, sharing solutions, and working with peers in industry to improve threat intelligence capabilities
  • Able to identify both tactical and strategic solutions
  • Knowledge of information security threat types, their composition, and which indicators of compromise (IOCs) are useful for detecting, identifying, and mitigating each
  • Knowledge of attacker tactics, techniques, and procedures (TTPs) useful to assist the response teams (CSIRT) with combatting attacker capabilities
  • Ability to assess security incidents quickly, and effectively communicate their urgency, credibility, and severity, as well as a course of action for remediation while mitigating risk and limiting the operational and reputational impact to TIAA-CREF
18

Senior Info Security Analyst Privileged Access Management Database Resume Examples & Samples

  • Act as Subject Matter Expertise (SME) over IAM practices, policies and procedures for the access management of Databases (i.e. DB2, Oracle, MSSQL, MySQL)
  • Identify, analyze and implement process improvement opportunities for the management of Database Privileged Access on the various OS platforms (Windows, UNIX, Mainframe/ Tandem)
  • Actively participate in Identity Access Management (IAM) integration and automation effort and ensure alignment to Visa IAM strategy and security policies/standards
  • Proactively identify audit and compliance access related issues to reduce the risk of security exposures on the support databases and systems; coordinate access management related audit and compliance tasks, such as user privileged access reporting and other relevant research and investigation
  • 5-7 years of experience Database Administration experience required on at least one industry Database (e.g. DB2 or Oracle)
  • Proven database administration background
  • Solid systems (Windows, UNIX, or Tandem/Mainframe) background
  • Strong interpersonal and collaboration skills with the ability to develop, maintain and foster constructive relationships with others
19

Senior Info Security Analyst Resume Examples & Samples

  • Design and implement IT Risk Assessment processes
  • Conduct IT Risk Assessments on IT Infrastructure components (i.e. Endpoints, Servers, Network, Storage, etc.)
  • Identify and implement improvements to assessment processes (e.g. collection & analysis methods, automation, etc.)
  • Coordinate with others across IT Risk to clarify control standards & procedures, detect control gaps, and improve processes
  • Provide guidance to IT teams on the implementation of appropriate controls and track progress
  • Participate in the development of metrics in support of IT Risk objectives
  • Serve as the IT Risk group’s subject matter expert on server, storage, and database technologies
  • Partner with others in IT Risk Assessment to actively participate in the build out of the program
  • Bachelor’s degree in Information Systems or equivalent work experience (REQUIRED)
  • Minimum 7+ years of overall experience in IT applications development or IT infrastructure (REQUIRED)
  • Minimum of three years of IT Risk, IT Security, and/or related experience, specifically performing IT Risk assessments; assessment performance; developing security programs and processes for infrastructure environment (servers, databases, storage) (REQUIRED)
  • Minimum of two years of IT Infrastructure experience in storage area, server environments, & databases (REQUIRED)
  • Strong problem solving, project management, and relationship management skills
  • Experience working with systems development lifecycle (SDLC)
20

Senior Info Security Analyst Resume Examples & Samples

  • BA/BS in Accounting, Management Information Systems (MIS), Computer Science required or equivalent experience
  • Knowledge of Accounting and Financial Reporting Experience evaluating ITGC of various financial applications
  • Working knowledge of CoBit, ITIL or other industry accepted frameworks
  • Must be a helper, problem solver and a quick learner
  • Have a strong work ethic, attention to detail, and organizational skills
  • Takes initiative and works autonomously to achieve group objectives
  • Realizes the importance of responding to customer needs promptly and seriously
  • Highly responsive to the problems of internal and external customers
  • Must be highly motivated and results oriented
  • Former compliance consulting experience (i.e. PwC, EY) CISA and/or CPA/CIA certification preferred
  • IT work experience Internal Audit Experience Certification
  • Reporting Working in an integrated SOX environment (working together with financial business owners and IT business owners)
  • Experience evaluating ITGC Data Privacy
  • Multi-lingual, Spanish a plus
  • Demonstrate the ability to apply and adapt to information security best practices suitable and palatable to Turner's business culture
  • Ability to manage multiple initiatives and set or negotiate priorities
  • Ability to think out of the box and develop creative solutions
21

Senior Info Security Analyst Resume Examples & Samples

  • Serve as the IT Risk group’s subject matter expert on network and telecommunications technologies
  • Bachelor’s degree in Information Systems or equivalent work experience
  • Minimum 7 years of overall experience in IT applications development or IT infrastructure REQUIRED
  • Minimum of three years of IT Risk, IT Security, and/or related experience; specifically Info Security concepts, IT risk management principles, and IT Risk standards (ISO, 2700 series, NIST, etc) REQUIRED
  • Minimum of two years of IT Infrastructure experience, specific to network equipment and firewalls (ie, F5 load balancing, Cisco or Nexus routing/switching, Cisco ASA, Fortinet, Checkpoint, Palo Alto firewalls, converged infrastructure components - cloud solutions, etc) REQUIRED
  • Experience working in Financial Services or other regulated industry
  • Certifications: CRISC, CISSP, CASP, CISA, CISM and/or equivalent; CCNP, CCIE or similar
  • Master’s Degree in Information Systems
  • IT Security Engineering and/or Operations experience
  • Familiarity with Archer eGRC and/or other GRC tools
  • Scripting and/or development knowledge
  • IT Audit experience
22

Senior Info Security Analyst Resume Examples & Samples

  • Perform information security assessments based on involvement and consulting with project teams
  • Provide technical consulting on current security topics and issues
  • Advocate enhancements to existing processes and procedures to improve information security controls
  • Maintain and provide regular status updates on security assessments
  • Bachelor degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or other related field
  • At least 6 years industry experience in information security
  • Experience in a compliance role and/or IT audit
  • In-depth understanding of information security policies and best practice standards such as ISO 27001, ISO 27002, NIST
  • In-depth knowledge of network and systems; be able to understand security requirements documents for assets such as routers, switches, firewalls, Windows and UNIX systems, database systems, networks and security architectures
  • Excellent interpersonal skills and effective verbal communication skills
  • Attention to detail and excellent documentation and written skills
  • Good project management skills and self-motivated to meet deadlines and commitments in an environment that requires multitasking among concurrent projects
  • Be able to convey security concepts related to network, application, and systems to both technical and non-technical audiences
  • Experience working with people from different countries and cultures
23

Senior Info Security Analyst Resume Examples & Samples

  • Minimum 3 years of experience working within the Information Security or Information Technology fields REQUIRED
  • Minimum 1 years of experience writing IT policies, standards and/or procedures REQUIRED
  • Knowledge of and experience with industry-recognized information security-related standards such as ISO2700x, COBIT, PCI-DSS REQUIRED
  • Minimum 3-5 years of experience working within the information security or information technology fields with exposure to various technical environments and business segments
  • Minimum 2-3 years of experience in the financial and/or regulatory industry directly addressing federal financial regulatory requirements and examinations or writing IT policies or standards
  • Basic understanding of security administration and access management, computer and data breach incident management, data protection and security, third party supplier/vendor management, secure software development, technology policies and standards, IT risk management and controls or technology operations and compliance beneficial
  • IT technical writing skills a plus
  • Other desired competencies include organizational and writing skills, ability to influence and a problem solving / analytical approach
  • Office Locations are PREFERRED, however remote opportunities will be considered for strong candidates**
  • The Charlotte location is NOT OPEN for this opportunity**
24

Senior Info Security Analyst Resume Examples & Samples

  • Develop Analytics for the identification of potential insider threats and high risk behavior
  • Develop and code risk models to identify insider threats such as data exfiltration, sabotage, theft of intellectual property, and misuse of corporate assets
  • Develop and Document Standard Operating Procedures and Standards to support the Insider Threat Program
  • Coordinate the identification and integration of data sources to support the identification of Insider Threats
  • Investigate user behavior using multiple data sources and systems of record (logs, computer evidence)
  • Respond to requests for investigative support from business stakeholders
  • Work with Risk Partners (HR, Legal, Compliance, and Investigations) to share intelligence around risk trends and concerns within the firm
  • Compose educational materials and presentations for employees and managers
  • Assist Security Awareness with content for ongoing training
  • Assist business partners (Fraud Investigations) with technical investigative support related to on-line customer fraud
  • Ability to collect, analyze, interpret, and document insider threat investigation findings
  • Work with outside agencies and internal stakeholders to discretely conduct investigations and report findings to management
  • Ability to review technical logs and archives (such as e-mail) to research activities that present risk to the firm
  • Generate operational metrics to demonstrate program performance and operational demands
  • Bachelor’s degree or higher in Computer Science or related field
  • 3+ Years of experience within an operational Insider Threat Program (e.g. Financial Services, Government) required
  • Experience with industry standard security logging platforms (Splunk, ArcSight, LogRhythm, or equivalent) required
  • Experience with data automation and scripting platforms (Python, Perl, R, SAS, or equivalent) required
  • Experience with Relational Database, Reporting, and Query Design
  • Experience with Data Loss Prevention (e.g. Vontu, McAfee, Websense)
  • Experience with project management and systems integration
  • Experience with advanced analytics topics such as machine learning or predictive analytics a plus
25

Senior Info Security Analyst Resume Examples & Samples

  • Minimum of two years of IT Infrastructure experience, specific to network equipment and firewalls (ie, F5 load balancing, Cisco or Nexus routing/switching, Cisco ASA or Fortinet firewalls, converged infrastructure components - cloud solutions, etc) REQUIRED
  • IT Risk / Information Security
  • Information security concepts
  • IT risk management principles & assessment methodologies
  • IT threat & vulnerability assessment technologies
  • Information security standards & frameworks (e.g. ISO 27001/27002, COBIT, etc.)
26

Senior Info Security Analyst Resume Examples & Samples

  • Minimum 7+ years of overall experience in IT applications development or IT infrastructure
  • Minimum of three years of IT Risk, IT Security, and/or related experience
  • Minimum of two years of IT Infrastructure experience, including extensive knowledge and hands on experience with operating systems, databases, storage systems (see details below under "Infrastructure")
  • Information security standards & frameworks (e.g. ISO 27001/27002, COBIT, NIST standards, etc.)
  • Certifications: CRISC, CISSP, CASP, CISA, CISM and/or equivalent
27

Senior Info Security Analyst Resume Examples & Samples

  • A minimum of 5-10 years of experience as an IT auditor working for a Big 4 Company (e.g., PWC)
  • Excellent use of MS Office Suite (e.g., Word, Excel, PPT)
  • Familiar with SDLC Concepts
28

Senior Info Security Analyst Resume Examples & Samples

  • Investigate and contribute to large and small scale computer security incident response events on a global network
  • 10 -12 years of experience Leveraging advanced tools to identify and mitigate malicious activity, ranging from malware to potential interactive intrusions
  • Analyze computer systems and network traffic for signs of infection or compromise
  • Act as a subject matter expert on information security related issues pertaining to malware analysis and incident response
  • Undergraduate degree in computer science, engineering, information science, or a related technical discipline
  • 5+ years of related experience in cybersecurity or computer network defense
  • Strong knowledge of Windows internals and APIs
  • Strong scripting skills in (Perl, Python, Powershell, etc)
  • Previous experience with RegEx and/or YARA is desirable
  • Certifications such as GREM or CISSP a plus, but skill level carries more weight
29

Senior Info Security Analyst Resume Examples & Samples

  • Leading risk identification, quantification, and management efforts related to the technology organization
  • Providing periodic updates on risk management and security projects for senior executives
  • Responding to urgent security-related issues at any time
  • Understanding of basic business, finance, and management concepts, with the willingness to expand in this area as a core aspect of the role
  • Articulate communicator, demonstrating mastery of both spoken and written English, with the ability to tailor the message appropriately for audiences ranging from technical to senior executive
  • Ability to quickly comprehend a problem, develop a solution, and act on the solution
  • Strong critical thinking skills: developing and testing a hypothesis, then drawing logical conclusions
30

Senior Info Security Analyst Resume Examples & Samples

  • Identify automation opportunities
  • Maintain operational documentation for Processes
  • Perform database vulnerability scanning
  • Perform baseline compliance scanning
  • Minimum 3-5 years of related experience in Information Security performing any of the following: vulnerability assessment, vulnerability scanning, database vulnerabilities, data at rest, networking, baseline compliance management
  • Experience with infrastructure vulnerability assessment tools (Nexpose, Guardium)
31

Senior Info Security Analyst Resume Examples & Samples

  • Develop innovative security solutions to protect Visa’s products/services and provide Visa with new threat detection and prevention capabilities
  • Identify security events by fusing threat intelligence with security sensors (proxies, firewalls, IDS/IPS, malware analysis) and platforms (SIEM, NetFlow, etc.)
  • Identify and manage host and network-based indicators of compromise (IoCs) for deployment to security tools
  • Reduce time-to-detect and time-to-remediate by driving the automation of applied intelligence
  • Provide subject matter expertise regarding recent hacks / exploits – especially against web applications, databases and common desktop tools
  • Lead or participate in the execution of emerging technology evaluations, proof of concept tests, and prototypes
  • Compare cyber security events with intelligence research to determine adversary motive, capability, and intent - and the impact of the threat to payment card supply chain network, architecture and system operations
  • Develop strong collaborative relationships with members of the Financial Services Community
  • Interact with and assist other Visa teams with time sensitive, critical investigations
  • Have the ability to effectively identify, evaluate and communicate new and ongoing security threats to colleagues and management
  • Strong technical skills with hands-on experience
  • Bachelor’s Degree in Computer Science, Computer/Electrical Engineering, Information Security (or related field) or equivalent work experience
  • 5 to 10 years of experience in Information Security, with a focus on security monitoring using SEIM, IDS/IPS, full packet capture solutions, malware analysis tools, endpoint security tools, etc
  • Strong understanding of increasingly sophisticated cyber attacks, exploit techniques, and associated defense in depth architectures
  • Experience with high volume/velocity/variety data sets, tools, and infrastructures (‘Big Data’)
  • Experience with sensor automation, information sharing, and other methods of machine-to-machine communication using Application Programming Interfaces (APIs)
  • Strong scripting/programming skills, including Python and Groovy
  • Familiarity with Mitre STIX/TAXII strongly desired
  • Proficient on both Windows and Linux platforms
  • Able to draft, interpret and communicate policies, procedures and technical requirements
  • Must be extremely flexible and able to manage multiple concurrent tasks and priorities
  • Information Security-related certification(s) desired
32

Senior Info Security Analyst Resume Examples & Samples

  • This position can be located in our Broomfield, CO, or Iselin, NJ offices. Qualified candidates may be considered for remote work**
  • Ensure that Security Toolsets will deliver true positive, actionable alerts based on risk level
  • Eliminate white noise and false positive alerts from toolsets and ensure no false negative conditions exist
  • Ensure Toolsets are providing all log data required for incident detection and investigation
  • Maximize time to respond by eliminating friction and blind-spots in the information gathering process
  • Gather and drive metrics from Security Toolsets to prove effectiveness
  • Gather requirements for Security Policy and technology capability adjustments
  • Drive tool capability roadmaps based on needs from Detection and Response Team
  • Provide enhancement to visibility and alerting solutions in a large environment
  • Work with SIEM team members to ensure proper logging format (CEF) from Information Security Toolsets
  • Assist with any incident response and cyber investigations as needed
  • Assist with driving Logging architecture with Security Technologies and Production Services teams for various toolsets
  • Bachelor's Degree in Computer Science or related field. (Industry certifications AND years of work related experience will also be considered as substitution for formal degree) REQUIRED
  • Minimum 5 years of Security industry experience; dealing with complex environments REQUIRED
  • Minimum 2 years of experience with DLP tools, ( Vontu ) Symantec capabilities, tuning REQUIRED
  • Experience building out / leading / overseeing DLP Program ( DIM, DIU, DAR )
  • SIEM (ArcSight / Splunk ) Logging troubleshooting and optimization experience
  • Knowledge of logging protocols and formats, (snmp structure, CEF format)
  • Proficiency / in-depth understanding of APT methods, tactics, Data Exfiltration methods
  • Coding (scripting) familiarity e.g. Splunk query language, ArcSight query, REGEX
  • Knowledge of how logs and alerts are used in incident response and crisis management
  • Experience working with large log volume and compiling metrics to determine tool effectiveness
  • Ability to assist Detection Response Team to assess security incidents quickly and effectively with data from InfoSec toolset and communicate confidently about the data that is used to respond to the security incident
  • Experience mitigating risk and limiting the operational and reputational impact to large organizations
  • Ability to communicate in a positive friendly manner and collaborate across multiple teams HIGHLY DESIRED - as it is deemed necessary to be successful in this role
  • BlueCoat Web Proxy experience
  • Experience with FireEye and Advanced Malware Analysis Technologies
  • Ability to identify both tactical and strategic solutions to mitigate risk
  • Knowledge of IDS both host and network based
  • CISSP, or GSEC, GPEN, or industry related Security certification
  • 3+ years’ experience with SIEM tools
33

Senior Info Security Analyst Resume Examples & Samples

  • Develop and maintain strong business and technology relationships, becoming a trusted partner to the business units that they support
  • Partner with the rest of the IT Risk and Security organization to ensure program consistency, develop information security risk strategies, implement action plans, and recommend policy and procedural changes for risk avoidance and mitigation
  • Minumum 2-4 years’ experience in the financial services industry, in a role specific to risk management, audit or information security REQUIRED
  • Knowledge of industry-recognized information security-related standards such as ISO2700x, COBIT, PCI-DSS REQUIRED
  • CISA, CISSP, CRISC certifications A PLUS
  • Minimum of a BA/BS or equivalent combination of work experience and professional certifications REQUIRED
  • Strong client relationship and leadership skills. Highly self-motivated/works independently
34

Senior Info Security Analyst Resume Examples & Samples

  • Coordinate, deploy and manage application risk assessments, for assigned portfolio, to include, evaluation of supporting documentation, evidence and alternative controls
  • Develop and maintain risk assessment evaluation tools and mappings to automated risk analysis functions
  • Provide periodic updates, reports, and recommendations on various IT/IS related topics
  • Assist in managing assessment schedules and reporting service status to senior management
  • Champion and promote service improvements on an ongoing basis to continually improve quality and customer satisfaction
  • Bachelor’s Degree or equivalent in computer science, management information systems orequivalent discipline from an accredited college or university REQUIRED
  • Minimum 5-7 years’ experience in Information Technology REQUIRED
  • Minimum 3 years’ experience specifically in IT Risk Management, Information Security Consulting, Information Security Architecture, Operational Risk or IT Audit REQUIRED
  • Demonstrated experience in current understanding of IT assessment best practices,management techniques and industry trends within IT Risk and Security responsibility areas
  • Working knowledge and understanding of regulatory compliance concerns, data protection/PII and industry standards, security and risk frameworks (i.e., COBIT, Risk IT, Val IT, ITIL, PCI-DSS)
  • Proficient use of Microsoft Excel, Access, Word, PowerPoint, Visio and SharePoint
  • 7-10 years’ experience in Information Technology
  • 3-5 years’ experience in Information Security, IT Audit or IT Risk Management at a bank, insurance company or financial services organization
  • Applied knowledge and understanding of regulatory compliance concerns, data protection and industry standard security and risk frameworks
35

Senior Info Security Analyst Resume Examples & Samples

  • Develop and Document Forensic Standard Operating Procedures
  • Conduct hands-on analysis of computing devices (endpoint, mobile) as part of active investigations
  • Use data visualization tools and database methods (SQL) to identify elevated insider threat concerns
  • Implement and test new forensic applications and solutions
  • Review user activity within User Activity Monitoring tools
  • Gather evidence related to outside subpoena from law enforcement or regulatory agencies
  • Manage frequent interaction and challenges from regulators and auditors
  • Manage inventory of forensic evidence and case management (virtual and physical)
  • Compose official reports documenting investigative findings
  • Ability to collect, analyze, interpret, and document computer forensics findings
  • Ability to forensically process mobile devices
  • Utilize scripting environments (e.g. Python, Ruby, Perl, VB Script) to automate technical response
  • Potential travel (occasional) related to investigative needs
  • Bachelor’s degree in Computer Science or related field, or equivalent work experience REQUIRED
  • Minimum 5-7 years of overall experience in IT security REQUIRED
  • Minimum 3 Years of Computer Forensic or Cyber Investigative experience REQUIRED
  • Experience with industry standard computer forensics solutions (EnCase, FTK, X-Ways, Cellebrite)
  • Experience with databases, SQL, and data visualization tools
  • Industry recognized forensic certification such as EnCE, ACE, CFCE
  • Experience with Data Loss Prevention (e.g. Vontu, McAfee, Websense) or SecurityLogging (ArcSight, Splunk)
  • Forensic Related Certification – EnCase EnCE, Access Data ACE, CCE – Certified Computer Examiner, CFCE – Certified Forensic Computer Examiner
  • Experience with User Activity Monitoring tools such as SureView or Spector Soft
36

Senior Info Security Analyst Resume Examples & Samples

  • Ensure end-to-end security of Visa products by hands on testing, helping development teams, remediating risks upfront
  • Undergraduate degree in Computer Science, Electrical Engineering or a related technical discipline; advanced degree preferred
  • Excellent understanding of web applications, web servers, layer 7application technologies, frameworks and protocols with respect to application development and deployment
  • Understanding of Mobile application and platform security; deep understanding of platforms, SDK's and interaction with application layer PREFERRED
  • Demonstrated leadership qualities, flexibility, adaptability to changes in roles and responsibility as required
37

Senior Info Security Analyst Resume Examples & Samples

  • Leverage advanced tools to identify and mitigate malicious activity, ranging from malware to potential interactive intrusions
  • Characterize suspicious activities and be able identify traits, C2, and develop network and host-based IOCs
  • Improve security monitoring capabilities by researching new detection rules based on internal and external threat data
  • Strong knowledge on information security related issues pertaining to incident response
  • 7 years of related experience in cybersecurity or computer network defense
  • Previous experience with RegEx or Snort is desirable
  • Certifications such as GCIH or CISSP a plus, but skill level carries more weight
38

Biso Analyst / Senior Info Security Analyst Resume Examples & Samples

  • Partner with business and technology to complete their IT risk control agenda, leveraging internal resources and processes as appropriate
  • Communicate the practical implications of IT risk treatment decisions to business and technology individuals
  • Minimum 3 years’ experience working within the information security, IT Risk or audit fields REQUIRED
39

Senior Info Security Analyst Resume Examples & Samples

  • Ensure the enforcement of Policy Enforcement Point compliance, thereby ensuring the continued protection of Visa information assets
  • Ability to take a lead role during PTO of internal team lead in each area (Request processing and Special Projects)
  • Ability to create custom scripting for offline rule violation validation and route summarization
  • Ability to function well in a team environment and effectively lead resources on special projects
  • Manage automated compliance tool violations for network rules and review all violations on an ongoing basis
  • Effectively manage internal firewall request queues and ensure incoming requests adhere to the required security practices and zoning models
  • Continuously look for any gaps in network information or network models that could create false positive or false negative situations – especially with any automated compliance checking
  • Be able to quickly understand all of Visa's security policies in relation to the network and data protection to be able to manually review situations and incoming requests that do not fit into a standard model
  • Be able to suggest alternatives acceptable to Visa and work with project or application teams to find alternate paths that would ensure all Visa requirements are being followed
  • Develop a risk model for firewall and zoning issues to appropriately convey the impact of any found or raised issue quickly
  • Effectively manage ad-hoc network review tasks and any necessary remediation activities
  • Develop and optimize processes to improve security violation identification and remediation
  • Maintain active understanding of industry practices for network security and zoned architecture in multi-network enterprise environments
  • Undergraduate degree in Computer Science, Electrical Engineering or a related technical discipline; advanced degree or comparable experience highly preferred
  • Minimum of 5 years in large-scale enterprise network environments especially dealing with network security
  • Strong understanding of firewall, policy enforcement, zoned architecture, and enterprise level networking
  • Operational knowledge of PCI , network security best practices, and ongoing threat analysis
  • Experience working with project, application, and management tool teams to ensure policy compliance
  • Deep knowledge and experience with firewall rule analysis
  • In depth understanding of Security Zoning and architecture
  • Hands on Experience designing and running an area of an enterprise network security assurance program
  • Implementing and developing procedures and process for network operational security
  • Experience with Skybox, Palo Alto FWs, Cisco FWs, Checkpoint FWs, F5 LTMs, WAFs, and other network security platforms is required
40

Senior Info Security Analyst Resume Examples & Samples

  • Research and rate vulnerabilities, Maintain optimized schedule of vulnerability scanning
  • Minimum 3-5 years or more of related experience in Information Security performing any of the following: vulnerability assessment, vulnerability scanning, database vulnerabilities, data at rest, networking, baseline compliance management
  • Understanding of operating systems and infrastructure security configuration Experience with infrastructure vulnerability assessment tools (Nexpose, Guardium)
  • Security certifications such as CISSP, GIAC, Security+ desirable
  • Good judgment and analytical skills
  • Strong follow-up and organizational skills are paramount skills for the successful candidate
41

Senior Info Security Analyst Resume Examples & Samples

  • Minimize the dwell time of threat actors by monitoring, triaging, and validating security events, while maintaining thorough documentation in the case management system
  • Improve existing detection content by producing correct and complete feedback to the SIEM content team and analysts
  • Operate with little-to-no direction and define relationships between seemingly unrelated events through deductive reasoning
  • Participate in intelligence sharing and trust groups, then apply this knowledge to
  • Security controls
  • Provide mentoring to junior analysts, assist in the development of a training program, and conducting training to provide exposure and continued growth
  • The role is involved in projects or issues of high complexity that require in-depth
  • Knowledge across multiple technical areas and business segments
  • Minimum 5 years of experience within the IT field
  • Minimum 3 years of experience within IT security monitoring and analyzing internal and external cyber attacks, malware threats, and detection incidents
42

Senior Info Security Analyst Resume Examples & Samples

  • Design, build and operate vulnerability remediation processes
  • Collaborate with the IT Teams (Infrastructure, Application Development) and Business Information Security Officers to drive remediation of vulnerabilities
  • Analyze results from both automated and manual risk assessments and vulnerability testing to identify systemic issues in the IT environment
  • Assist in the governance and oversight of mitigation activities related to issues identified through risk assessments, projects, and Business-as-Usual operations
  • Monitor and track status of remediation and risk acceptance plans
  • Internally educate IT teams about the vulnerability remediation processes
  • Design reporting and metrics to support the operational processes
  • 3 years of experience working within the Cybersecurity field
  • 2 years of experience in the financial services industry
  • BA/BS in Computer Science, Information Systems, Business Administration or a related discipline, or equivalent combination of work experience and professional certifications
  • Experience presenting to senior management level audience
  • Experience working with vulnerability management and remediation
  • Self-motivated/works independently
  • Highly analytical with the ability to identify creative solutions
  • CISM, CISA, CRISC or CISSP
43

Senior Info Security Analyst Resume Examples & Samples

  • Good working knowledge of the UNIX/Linux/Windows systems and security administration, Roles Based Access Controls, Privileged access management tools (e.g. Unix Privileged Manager, Random Password Manager, etc.)
  • Working knowledge in Oracle Identity Management suites (OIM) or similar products
  • Knowledge in building automated solutions using various scripting languages (VBA, vbscript, Perl and Shell script, etc.)
  • Sound knowledge of Identity Access Management lifecycle processes and role-based access controls
  • Complete access request processing as per pre-defined sets of procedure and within agreed Service Level Agreements (SLA), resolve problem tickets and assist other security analysts as needed
  • Proactively identify audit and compliance access related issues to reduce the risk of security exposures on the support systems and applications; coordinate access management related audit and compliance tasks, such as user access reporting and other relevant research and investigation
  • 5 or more years of experience in information security
44

Senior Info Security Analyst Resume Examples & Samples

  • Perform operational activities such as create/modify/delete accounts, grant/modify/revoke entitlement and access permissions related to Windows system, Active Directory or Application within defined Service Level Agreement (SLA)
  • Respond to Security event and participate in investigation
  • Extract data, analyze, identify and fix audit/compliance issues related to access management in order to reduce the risk of security exposures on various layers such as hardware, hypervisor, network, system, middleware, database and application
  • Subject Matter Expert over Identity & Access Management (IAM) practices, policies and procedures
  • Participate in project-based activities, work with developers in rolling out such automations
  • Identify and improve security event detection
  • Internal Projects – Automate manual tasks, create/maintain customer self-help tool/portal. Participate in design, integration between applications and tools, insure in compliance with security standards
  • Bachelor degree in computer science, computer engineering, information security or equivalent job experience
  • CISSP, CISA, CISM and other comparative information security certifications required
  • Between 5 to 7 years Information Security experience required
45

Senior Info Security Analyst Resume Examples & Samples

  • Partner with the rest of the Cybersecurity organization to create a robust affiliate governance program focused on reducing cybersecurity risk
  • Provide subject matter expertise on laws and regulations that apply to the various affiliates
  • Based on these laws and regulations, provide recommendations about necessary cybersecurity controls and programs, and where needed, guidance on Information Technology policy and standards
  • Another responsibility of the role will be updating and maintaining the authoritative source repository with applicable laws, regulations or industry standards, mapping them to IT Standards where needed, and providing subject matter expertise on these sources
  • This role will also be responsible for supporting IT regulatory or cybersecurity audit engagements as needed
  • 1-2 years interpreting and apply laws and regulations or 2-3 years of experience working within the Information Security/Cybersecurity or Information Technology fields
  • Basic knowledge of Federal Financial Institutions Examination Council (FFIEC) guidance, GLBA, Sarbanes-Oxley, FINRA and other relevant laws and regulations. Experience managing projects or multiple priorities is required
  • Candidate must have proficiency with Microsoft Office (MS Excel, MS PowerPoint, etc.)
  • BA/BS or equivalent combination of work experience and professional certifications required
  • 2-5 years of experience working within the information security/cybersecurity or information technology fields with exposure to various technical environments and business segments
  • Basic understanding of security administration and access management, computer and data breach incident management, data protection and security, third party supplier/vendor management, secure software development, technology policies and standards, IT risk management and controls or technology operations and compliance beneficial. J.D. a plus, as are CISA, CISSP, CRISC certifications. Other desired competencies include organizational and writing skills, ability to influence and a problem solving / analytical approach
46

Senior Info Security Analyst Resume Examples & Samples

  • Design, build and operate remediation processes associated with Data Protection and Database Security
  • Establish relationships with individuals in IT responsible for cybersecurity remediation
  • Collaborate with the IT Teams (Infrastructure, Application Development) and Business Information Security Officers to drive remediation of vulnerabilities and IT breaks
  • Operate vulnerability remediation and break management processes
47

Senior Info Security Analyst Resume Examples & Samples

  • Effectively document and communicate findings and reports using SharePoint, Archer and other tools
  • Develop and maintain risk assessment evaluation tools and mappings to automate risk analysis functions, as required
  • Ensure alignment of solutions and services to TIAA IT Risk Framework and business needs
  • Support the development of application risk assessment content, to include the identification and/or definition of application risks, controls, procedures, assessment questions, supporting documentation and evidence
  • Partner and maintain effective relationships with other content owners, subject matter experts and risk assessment technology delivery teams, to ensure the content and solution meet requirements and needs
  • Minimum 5-7 years’ experience in Information Technology
  • Minimum 3-5 years’ experience in IT Risk Management, Information Security Consulting, Information Security Architecture or IT Audit
  • Demonstrated experience in current understanding of IT assessment best practices
  • Working knowledge and understanding of regulatory compliance concerns, data protection / PII and industry standards, security and risk frameworks (i.e., COBIT, Risk IT, Val IT, ITIL, PCI-DSS)
  • 5-7 years’ experience in Information Security, IT Audit or IT Risk Management at a bank, insurance company or financial services organization
  • 5-7 years’ experience performing secure design, security testing or risk assessments and strong preference for doing so with application software and/or new technologies
  • Proficient use of RSA Archer and Tableau Server/Desktop HIGHLY DESIRED
48

Senior Info Security Analyst Resume Examples & Samples

  • Minimum 3 – 5 years of experience working within the Information Security or Information Technology fields
  • Minimum 1 year experience with supplier assessments (prefer 2-3 years experience)
  • Candidate must have proficiency with Microsoft Office (MS Excel, MS PowerPoint, etc.) and excellent verbal and written communication skills enabling candidate to prepare and present to all areas of the business, including senior management
  • 5-7 years of experience working within the information security/cybersecurity or information technology fields with exposure to various technical environments and business segments
  • 2-3 years of experience with supplier assessments or some other kind of risk assessment
  • 2-3 years of experience in the financial industry directly addressing federal financial regulatory requirements as well as knowledge of, and experience with, industry-recognized information security-related standards such as ISO2700x, NIST, COBIT, PCI-DSS. CISA, CISSP, CRISC certifications a plus, as is PMP
49

Senior Info Security Analyst Resume Examples & Samples

  • Develop new SIEM content (ArcSight) including rules, active lists, aggregations, dashboards, trends, and alerts that appropriately characterize the importance of events of interest found in the TIAA-CREF operational environment
  • Develop new SIEM content (Splunk ES) including correlations, dashboards, reports, and alerts that appropriately characterize the importance of events of interest found in the TIAA-CREF operational environment
  • Develop metrics and trends that demonstrate the log platform’s health and operational state
  • Define, document, and implement appropriate delivery, parsing, reporting, and retention of security-relevant log information
  • Minimum 5 years’ experience in information technology and/or information security
  • Minimum 2 years’ in log review, analysis, and design of searches / alerts to bring actionable intelligence from logs
  • Minimum 2 years’ experience in managing, engineering, or developing content for centralized logging solutions with ArcSight or comparable solution (Splunk, ELK, Graylog, etc)
  • Basic understanding of regex
  • 2+ years ArcSight or Splunk ES content development experience, including the ability to identify key interactions logged by malicious activity
  • Understanding of ArcSight and or Splunk engineering a plus
  • Skilled with regex
50

Senior Info Security Analyst Resume Examples & Samples

  • The candidate should have an in-depth understanding of security policies and best practice standards
  • The candidate will provide technical training and consulting on current security topics and issues
  • 5-7 years audit and risk management experience that includes a broad understanding of the software delivery process, professional services consulting and/or program management
  • 5-7 years experience providing information security or information technology consulting services to a broad range of companies and/or federal and state agencies
  • NICE TO HAVES: Mainframe, Encryption, Infratructure, & Tokenization
  • YEARS OF EXPERIENCE: 3-5 years
51

Senior Info Security Analyst Resume Examples & Samples

  • Translate IAM Strategy and agreed strategic IAM Program goals into tactical and actionable roadmap for Corporate and Commercial Applications team. Ensure timely delivery of the roadmap and strike a balance between security and operational excellence
  • Complete access request processing as per pre-defined sets of procedure and within agreed Service Level Agreements (SLA), resolve problem tickets related to Corporate and Commercial applications and assist other security analysts as needed
  • Mentor and provide guidance to other team members. Provide support to other team members and customers as necessary to drive and implement process improvement to reduce risk and improve operational efficiency
  • Document access management procedures for assigned applications; keep the access management procedures up-to-date
  • Deep background in all aspects of Identity and Access Management end-to-end lifecycle, from HR driven processes (on/off-boarding, conversions, transfer), to IAM compliance issues and role engineering
  • Good working knowledge of the UNIX/Linux systems administration, Active Directory, QUEST Active Roles Server, Roles Based Access Controls, Privileged access management tools (e.g. Unix Privileged Manager, Random Password Manager, etc.)
  • Knowledge in building automated solutions using various coding languages (Java, C#, VBA, Vbscript, Perl and Shell script, etc.)
  • Payments Industry knowledge or experience
  • Good understanding of Visa Products and services
  • In-depth understanding of information security principles and IT infrastructure including operating systems, applications, communications and network protocols
  • Have an attention to detail and advanced analytical skills
52

Senior Info Security Analyst Resume Examples & Samples

  • Primary support for the IAM tools including, Oracle Identity Management suites (OIM), Random Password Manager (RPM), Unix LDAP server, Unix Privileged Manager (UPM)
  • Provides technical recommendation to project managers, team leaders and provides technical direction to team members
  • Develop and maintain the Identity and Access Management Architecture and standards
  • 5+ years experience in information security
53

Senior Info Security Analyst Resume Examples & Samples

  • DoD CNO requirements
  • CNO constraints (e.g., resources, technology, etc.)
  • Project management techniques
  • Information assurance (IA), computer network attack (CNA), computer network defense (CND), and computer network exploitation (CNE) concepts, practices, and tools for the administration of classified and unclassified DoD computer networks and systems
  • Knowledge of active defense policy and techniques (e.g., honey pots, honey traps, requesting additional support, etc.)
  • Information system exploits and remediation efforts; incident response processes (e.g., CJCSM 6510.01A, etc.)
  • DoD and US Government (USG) information system (IS) accreditation and certification policies, standards, and governance, to include DoD Information Assurance Certification and Accreditation Process (DIACAP), the National Institute of Standards and Technology (NIST) Federal Information Processing Standards (FIPS) Publications, DoDI 8500.2, and DISA Security Technical Implementation Guides (STIG)
54

Senior Info Security Analyst Resume Examples & Samples

  • Under limited supervision, designs, develops, implements, and troubleshoots various information systems security software ensuring resolution
  • Develops security solutions for assignments increasing in complexity
  • Is fully self-sufficient and competent in regards to output quality and quantity
  • Provides informal guidance for colleagues with less experience
  • Is accountable for contributing with a competent standard and delivers every time
  • Plans and prioritizes work using resources in the best possible way to complete tasks on time and with high quality
  • Works quickly and is able to assist other team members where appropriate. Works independently
  • Synthesizes information from various sources by breaking it down into relevant components and generating new data when needed; considers a broad range of issues when determining relevance of data
  • Integrates complex information and concepts and organizes analysis efforts into a systematic framework; verifies logic of others and challenges ideas, assumptions and conclusions
55

Senior Info Security Analyst Resume Examples & Samples

  • Minimum of four years information security specific experience
  • CISSP, CISM or CISA preferred
  • Extensive ability to support SharePoint required
  • Strong knowledge of current identity management threats, techniques, and landscape, as well as a dedicated and self-driven desire to research current information security landscape
  • Excellent problem solving skills and troubleshooting skills with a strong attention to detail
  • Experience managing/administering periodic user access or entitlements reviews/attestations to ensure appropriate access for applications/ information assets required
  • Experience in the analysis and validation of security access reports, or audit reporting / control areas
  • Experience gathering and facilitating the development of business and system requirements within a broader project team required
  • Strong administrative, coordination and interpersonal skills
  • Ability to use Microsoft Office suite (Word, PowerPoint, Excel and MS Access)
56

Senior Info Security Analyst Resume Examples & Samples

  • 8+ years of experience in knowledge/familiarity of various information security systems
  • 6+ years demonstrated competence in a variety of IT concepts, practices and procedures
  • 3+ years of enterprise networking
57

Senior Info Security Analyst Resume Examples & Samples

  • Communicate alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems. Assists with implementation of counter-measures or mitigating controls
  • Generate end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty
  • Prepare briefings and reports of analysis methodology and results
  • Create and maintains Standard Operating Procedures and other similar documentation
58

Senior Info Security Analyst Resume Examples & Samples

  • Collaborate with information security staff and other key stakeholders to identify, develop, and implement information security metrics that provide a holistic view of technology risk in a business unit
  • Actively coordinate and communicate metrics and reporting activities and tasks with other teams
  • Review risk metrics results and provide input to information security reporting and dashboards
  • Assist in implementation of process and procedures for security reporting and metrics activities
  • Work independently with minimal guidance
  • Ability to convey security concepts to both technical and non-technical audiences
  • Strong problems solving skills and exposure to qualitative and quantitative risk analysis
59

Senior Info Security Analyst Resume Examples & Samples

  • Create, delete, and change network computer accounts; Exchange email accounts, distribution lists, public folders and EFT/SFTP, global Active Directory electronic file transfer security groups and protected directories; perform account management responsibilities for web-based applications (act as Security, Network and Email Administrator to the internal Network/LAN)
  • Create, delete, change mainframe computer accounts, PMMIS security groups, IDEAL profiles, DDOL profiles, DQRY user profiles; create all agency mainframe SSRs impacting both the AHCCCS and Hawaii LPARs, as well as other state agencies (acts as Security/RACF/IDEAL/PMMIS Administrator to the AHCCCS and Hawaii LPARs on the mainframe) maintain JCL and Clist code impacting security daily reports and functions
  • Analyze and resolve all security related problems
  • Create and disseminate quarterly security re-certification training and security awareness information
  • Research new technologies, new security needs, and new virus concerns
  • Attend security, management infrastructure, and division meetings
  • Working knowledge of principles, capabilities, and operation of digital mainframe computer systems, PC networking, Microsoft Active Directory, Microsoft Exchange email administration
  • Working knowledge of IBM OS390/z/OS/MVS, ControlM Scheduling software, Job Control Language (JCL), TSO, SDSF, IDEAL, PMMIS, RACF file and data management systems
  • Through working knowledge of Network/PC virus detection, security policy and procedure
  • 5 years experience in PC networking, mainframe operations, RACF administration
  • 3-4 years experience as Administrator for each of the following platforms: LAN, OS390/x/OS/MVS
60

Senior Info Security Analyst Resume Examples & Samples

  • Expertise with regulatory requirements for DoD and Intelligence Community IT systems (STIG, DCID, ICD, etc) and significant experience with Risk Management Framework (RMF) as well as DIACAP and ICD accreditation processes. Emphasis on C&A experience, to include implementing controls and drafting the C&A body of evidence, with DIACAP and DCID 6/3. A plus would be familiarization with ICD 503
  • Familiar with DoD and IC IA tools (SECSCN, WASSP, Retina, Nessus, SCC, SCAP)
  • Convert and apply regulatory requirements to system/application configurations
  • Monitor application/system compliance using common IA tools
  • System/application patching
  • Familiar with industry reference architectures for implementing network access control, monitoring devices, and other security related applications
  • Familiar with integrating applications/systems with management/monitoring software
  • Familiar with IDS/IPS systems
  • Familiar with firewall systems
  • Familiar with virtualization infrastructures
  • Familiar with Microsoft Windows Operating Systems
  • Familiar with Microsoft Active Directory
61

Senior Info Security Analyst Resume Examples & Samples

  • Complete access request processing as per pre-defined sets of procedure and within agreed Service Level Agreements (SLA), resolve problem tickets and assist other security analysts in a fluid environment
  • Proactively identify audit and compliance access related issues to reduce the risk of security exposures on the support systems and applications. Coordinate access management related audit and compliance tasks related to SOX, SSAE16, and PCI DSS, such as user access reporting and all relevant research and investigation
  • Flexibility to work extended hours to interface with international team members, users, and customers
  • 5 to 7 years' computer security experience
  • REXX, SAS programming language, IBM zSecure, Vanguard, SIEM reporting, FTP, SFTP, FTPS, Connect:Direct Secure Plus, SSH, CA VIEW, Certificate Encryption management
62

Senior Info Security Analyst Resume Examples & Samples

  • Align with and support the execution of the Information Security Office
  • Identify and analyze cyberattacks across the enterprise, develop indicators of compromise, and initiate/coordinate IR activities between incident response and technical teams in accordance with Incident Response processes
  • Provide cybersecurity subject matter expertise to the enterprise by developing and disseminating threat intelligence through data collection and analysis
  • Develop detailed incident response playbooks and processes
  • Conduct incident response readiness assessments for existing business units as well as new merger/acquisition organizations. Develop and implement plans to close discovered gaps in process and technologies
  • Manage workload, customer requirements, and internal projects and tasking as assigned
  • Provide analysis for other response consultant’s findings, conclusions and recommendations
  • 8 to 10 years of information security experience with a focus on developing and implementing incident response technologies and processes
  • Security incident response analysis experience and with associated toolsets
  • Understanding of vulnerabilities and tools used to discover, analyze, and exploit vulnerabilities
  • Bachelor's degree in computer science, information systems, information assurance, or equivalent work experience
  • Experience mentoring and leading teams of technical staff
  • Technical or professional certifications such as GCFA, CISA or CISSP
63

Senior Info Security Analyst Resume Examples & Samples

  • Identify high level impacts to address people, culture, technology and process changes for Corporate Information Security and End User Computing initiatives
  • Conduct stakeholder assessments and develop comprehensive change plans, approaches and materials to ensure stakeholders are engaged and committed to the change
  • Develop and implement change management strategies and solutions to ensure the successful implementation and sustained adoption of Corporate Information Security and End User Computing initiatives
  • Work with key stakeholders to identify and anticipate potential areas of resistance to change and develop mitigation strategies to reduce resistance and foster a positive acceptance of change
  • Monitor adoption of initiatives and implement strategies to increase adoption as needed
  • Develop communications that support the changes and work closely with Corporate Communications and other internal partners to ensure communications are distributed in a timely and effective manner with the appropriate levels of review and input
  • Create communications and training documentation to educate the Corporate Information Security team, End User computing, Help Desk all Western Union employees and other key stakeholders on the changes that are being made
  • Create, edit and maintain end-to-end process documentation and process mapping for security and end user computing processes
  • Recommend process improvements and work with the Organizational Effectiveness team to implement changes
  • Provide ad hoc support to the Organizational Effectiveness team to support strategic projects
  • Bachelor's degree is preferred
  • Minimum 8 years of experience in an information technology role
  • 5 years of experience with McAfee Suite Products (ePO, Virus Scan, Host IPS, Data Loss Prevention (DLP), Site Advisor, Application Control, Policy Auditor, Group Shield/MSME, Drive Encryption, Threat Intelligence Exchange (TIE), Endpoint Security),
  • 5 years of experience in Organizational Change Management (OCM), required
  • 2 years of experience in Project Management, required
  • Substantive understanding of Information Security processes and standards
  • Experience in business process mapping and process improvement, preferred
  • Experience in developing, delivering and maintaining Training Programs
  • Ability to deliver high quality, on time deliverables
  • Strong interpersonal, analytical, problem-solving, influencing, prioritization, decision making and conflict resolution skills
  • Excellent communication (both oral and written)
  • Enthusiastic proactive go-getter willing to work with diverse teams and stakeholders
  • Experience interfacing with various partners and internal groups
  • Team player with strong collaborative qualities and a positive demeanor
  • Knowledge of MS Excel, MS Word, MS PowerPoint, Visio and SharePoint, required. Knowledge of Adobe Captivate and Adobe Creative Cloud, preferred
64

Senior Info Security Analyst Resume Examples & Samples

  • Under general supervision, implements and troubleshoots various information systems security software, following policies and procedures
  • Under general supervision, tests and validates solutions to remediate exploitable conditions on devices such as Web servers, mail servers, routers, firewalls and intrusion detection systems following established policies and procedures
  • Under general supervision, evaluates, codes and implements software fixes (patches) to address system vulnerabilities such as malicious code (e.g. viruses), system exploitation using SQL injection, cross-site scripting, buffer overflows, parameter tampering, hidden field manipulation, cookie poisoning, and Web services manipulation
  • Under general supervision, conducts security assessments of systems, networks and applications using penetration tests and ethical hacking tools and risk assessment/mediation methodologies to evaluate vulnerabilities. Prepares status reports on security matters to develop security risk analysis scenarios and response procedures
  • Has technical knowledge of security issues, techniques and implications across all existing computer platforms
  • Develops security solutions for routine to moderately assignments
  • No supervisory responsibilities
  • Solves problems in straightforward situations; analyzes possible solutions using existing experience, existing standards/ precedents and processes; and will be getting more comfortable using own judgment
  • Identifies data requirements and collects all relevant data needed to analyze a problem, situation or issue; considers reliability of data and sources before utilizing and referencing
  • Demonstrates understanding of how the organization does business (i.e. business model and operations, financial performance, and key success factors)
  • Applies basic understanding of the policies, practices, trends and information that impact the organization and its customers to anticipate and plan for each step of a project
  • Understands the financial impact of decisions/solutions and how own role contributes to positive outcomes
  • Demonstrates understanding of definitions, rules, and techniques of risk management and Nasdaq’s risk exposure and tolerance
65

Senior Info Security Analyst Resume Examples & Samples

  • 5+ Years of experience with standard IT processes and technologies (networking, systems administration, change management, ticketing systems, project management, etc.)
  • 5+ Years of experience with standard information security technologies (IPS/IDS, WAF, DAM, SIEM, AV, EDR, etc.)
  • Experience working in a Security Operations Center
66

Senior Info Security Analyst Resume Examples & Samples

  • 6) Third party assessment support
  • 7) Ad Hoc Requests
  • 4 year College degree required in technology or business management
67

Senior Info Security Analyst Resume Examples & Samples

  • Strong Network traffic analysis: TCP/IP packet capture , flow and log analysis
  • Demonstrate knowledge of incident data flow and response, content, and remediation
  • Analyze malware of email and web based threats
  • Evaluate server and network software technologies and products
  • Recommend and performs upgrades, installations and deployments
  • Help to establish and document IT security guidelines, procedures and policies, and implement network security best practices
  • Establish network security schemes, naming conventions, and application security
  • Maintain network security monitoring environments
  • Research, recommend, and implement new security solutions, products and controls
  • Collaborate with other division information security officers and other IT security and compliance functions to implement consistent security safeguards and controls throughout the company
  • Prepare reports and executive summaries for upper management
68

Senior Info Security Analyst Resume Examples & Samples

  • Drive the adoption of the PAM solution for AD domains, servers, databases, applications and network components
  • Provide technical guidance and recommendations to Western Union organizations for integration into the PAM solution
  • Administration of the Lieberman ERPM application to include: Account and access management, Performing configuration changes for the PAM production environment, Monitoring system health, Deploying enhancements, Troubleshooting and triaging issues
  • Coordinating with key stakeholders from IT operations, business teams and/or third party vendors for PAM related initiatives
  • Bachelors of Science degree or 3+ years of information security and/or application security experience
  • Knowledge and/or experience in: Active Directory and Windows systems administration, Linux/UNIX systems administration, Databases and web server technologies, Networking technologies like DNS and Firewalls, Cloud technologies
69

Senior Info Security Analyst Resume Examples & Samples

  • IPS/IDS
  • HIPS
  • Open Source Intelligence
  • Packet Captures
  • Network logs (802.1x, DHCP, WAF)
  • SIEM/Log Management systems
  • Scripting Languages (Python, Bash)
  • Databases (SQL and NoSQL)
  • Extensive experience working in cyber investigations, computer forensics, cyber incident management, secure system development, and/or other IT related fields tied to information security
  • Expert knowledge of implementation of secure application design and architecture
  • Produces quality documentation/ investigation reports (e.g. document design, workflow improvement, standard operational procedures, and development of incident playbooks)
  • Proficient in automation of tasks and data manipulation through scripting or programming with Bash, Python and/or Perl
  • Able to build complex Regex based on logs, URLs and filenames
  • Understanding of the importance of information security from a business context
  • Self-motivated to creatively find and investigate security events, develop alerts based on those events, and train analyst in new procedures based on event findings
  • Demonstrate (via work experience) the ability to create and follow frameworks to ensure comprehensive investigations
  • Familiar with the latest malicious software trends, including experience with exploits and malware
  • Expert knowledge of the Linux and Windows platforms
  • Ability to creatively solve complex problems
  • Experience working under pressure
  • Willing to work off-hours and accommodate rotational on-call work
  • Preference for at least one current recognized security professional certification such as CISSP, CISM, or CISA
70

Senior Info Security Analyst Resume Examples & Samples

  • Bachelor's degree in a science, engineering, mathematics, computer science or related discipline
  • Experience developing a consistent analytic development methodology and process
  • Experience in the analysis and validation of security user access, reporting / control areas
  • Ability to identify and evaluate risk to IT systems, communicate risk to management
71

Senior Info Security Analyst Resume Examples & Samples

  • Information Security, including experience with incident response, malware analysis, completing risk assessments and auditing of Information Security controls, preferably in a healthcare setting
  • Network Security Protocols and Methodologies
  • Must be certified in one of the following areas: Certified Information Systems Security Professional (CISSP), Healthcare Information Security Privacy Practitioner (HCISPP), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Window Security Administrator (GCWN), GIAC Certified Enterprise Defender (GCED), or GIAC Security Essentials Certified (GSEC
  • Proven experience in leading Information Security projects to their successful completion. Knowledge of healthcare information security laws such as HIPAA Security/Privacy rules, HITRUST, NIST, PCI-DSS 3.1, and COBIT
  • Excellent interpersonal and communication skills, both verbal and written
  • Solid understanding of the Information Security & IT controls, Security penetration and vulnerability assessments
  • Experience with NIST and ISO frameworks
  • Solid knowledge of HIPAA, Joint Commission, and other IT security governing bodies
  • Develop capabilities necessary to monitor and detect indicators of compromise using security scripts, tools and services. Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning and the implementation of counter-measures or mitigating controls
  • Lead Incident Response processes to protect PHC information assets, comply with all pertinent regulations, investigating/classifying security incidents throughout the incident response lifecycle in accordance with the Incident Response Plan
  • Works closely with the Information Security Analyst, Security Architect, Network infrastructure team, and business units to help implement security infrastructure and technical controls. Serves as an escalation point for complex and sensitive information security issues
  • Coordinate penetration testing activities and be responsible for coordinating the remediation of vulnerabilities found during the testing. Performs periodic and on-demand system assessments and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance
  • Work with IT Technical Service groups to review configuration changes made that effects critical infrastructure which include high risk public facing systems such as web servers, email systems and secure transfer systems. Also responsible for reviewing new systems from the security prospective that will be used by the public. Monthly Threat Assessment documentation including vulnerabilities and patch management status
  • Performs detailed analysis of business need, identifies IT security impacts or considerations and translates into secure, viable technical solutions. Develop project charters and objectives
  • Provides presentations regarding proposals, soliciting feedback, promoting buy-in
  • Possess the ability to articulate and translate complex IT areas and associated risks in understandable terms to various roles within the organization
  • Skill and ability to handle multiple priorities and deadlines
  • Ability to work collaboratively as a member of a team
  • Skill and ability in Microsoft Office applications
72

Senior Info Security Analyst Resume Examples & Samples

  • Minimum 5 years of experience in Information Technology with a focus in IT Security/Cybersecurity functions
  • Minimum 2 years of experience supporting an identity & access management program—preferably with a focus on certification activity. Familiar with related concepts such as authentication, authorization, entitlements, role-based access management
  • Prior experience with the SailPoint Identity IQ tool is a plus
  • Skilled in using Microsoft Excel and other desktop tools to sort, filter and extract data
  • Detail oriented with a demonstrated passion for working with data and processes
  • Excellent verbal and written communication skills. The staff member is required to engage with individuals in all business units and at all levels in the organization
  • Self-starter and eagerness to design and build new processes
73

Senior Info Security Analyst Resume Examples & Samples

  • Minimum 2 years’ experience with log review, analysis, and design of searches / alerts to bring actionable intelligence from logs
  • 2+ years SIEM (Splunk ES) content development experience, including the ability to identify key interactions logged by malicious activity
  • Understanding of Splunk engineering a plus
74

Senior Info Security Analyst Resume Examples & Samples

  • Develop integrated solutions for a diverse range of database platforms
  • Clearly document and communicate milestones and goals around database centralization plans for account management
  • Create, implement, and modify database security models for lifecycle management
  • Evaluate and assist in role based access to increase security and ease entitlement certification processes
  • Work with multiple database teams to ensure account management policies are sufficient to meet access requirements and still aligns with least amount of access
  • Ensure compliance with existing IT security policies and develop new policies specific to Database platforms
  • Work with various teams to move all database account management into automation tools
  • Centralize operational processes and standardize accounts across all database platforms
  • Minimum 2 - 5 years of Identity and Access Management experience
  • Minimum 4-7 years of experience in Database Management in provisioning or remediation
  • Experience with Oracle, SQL, and other database platforms
  • Some college training or related/equivalent experience in an identity and access management role
  • Experience with Automation tools such as IdM, Sailpoint, etc
  • Availability during on call situations
  • Proficiency in MS Office products, and documenting skills
  • Experience working in and guiding a team-oriented, knowledge share, and collaborative IT environment
  • Exceptional leadership skills and interpersonal skills, with a focus on rapport-building, listening, and questioning skills
  • Highly self-motivated, directed, and can work independently without supervision in a high-pressure environment
  • Experience with Service Now, Sailpoint, Varonis, Powershell and other scripting languages
75

Senior Info Security Analyst Resume Examples & Samples

  • Develop, document, and maintain strategic communications plans for Cyber Risk Assessment work streams including, but not limited to, Application Risk Assessment, Infrastructure Risk Assessment, and Service Control Assessment. Plans should be developed in collaboration with internal stakeholders
  • Develop, document, and maintain communications content for Cyber Risk Assessment work streams. Content may include executive presentations on risk assessment programs, IT resource owner presentations on risk ownership and assessment, training materials, notifications, announcements, surveys, etc. Content should be developed in collaboration with internal stakeholders
  • Maintain program metrics planning to support the communication of key performance indicators and key risk indicators to executive audiences
  • Deliver Cyber Risk Assessment communications content to relevant audiences by presenting to executive forums, presenting to IT resource owners, and collaborating with internal stakeholders (i.e., Business Information Security Officers, Security Culture and Awareness) to identify and execute other opportunities for communications
  • Develop, document and implement initiatives to measure program risk assessment awareness, adoption, and improvement. Capture feedback from IT resource owners on how to improve and drive change with internal stakeholders
  • Minimum 3 years of IT experience working hands-on in the areas of risk management, business analysis, and/or end-user training
  • Familiarity with risk management concepts
  • Experience with big picture overview and program adoption principles with a particular interest in organizational behavior and leading effective change
  • Experience with Microsoft office (Word, Excel, Powerpoint, Visio)
  • Strong ability to understand an audience and author and deliver impactful presentations, documentation, and metrics
  • Familiarity with TIAA’s IT organization and structure
  • SharePoint skills
  • ©2016 Teachers Insurance and Annuity Association of America (TIAA), 730 Third Avenue, New York, NY 10017