Fulltime Information Security Analyst openings in Los Angeles on September 18, 2022

Sr. Information Security Analyst, Sr. Assoc at FHLBank San Francisco

Location: Los Angeles

Position: Sr. Information Security Analyst, Sr. Assoc.
Job Description:

Responsible for assisting with the operation of the Bank information security systems and controls with a goal to maintain a strong information security program that enables comprehensive monitoring and compliance verification. The Analyst will play a key role in Information Security event triage and incident response by monitoring the Security Information and Event Management (SIEM) system and other alerts generated by security related tools.

The Analyst will also be involved in security operations and is expected to provide hands-on support for a broad spectrum of technologies, including security software running on Windows and Linux systems, network devices, virtual machines, as well as the Bank’s own products and services.

Major

Accountabilities:

Monitor security systems for anomalies, alerts, and respond to potential security issues.

Investigate security related alerts and analyze events for impact and escalation.

Derive conclusions on security events and propose solutions

Assist in preparing documentation related to security issues and cyber incidents.

Manage the Information Security service tickets to provide updates and closure.

Promote security awareness through newsletter communications, classroom training, and facilitating computer based training exercises

Work with and support Security Engineers in troubleshooting security infrastructure devices and solutions.

Stay current on IT security trends and news, including researching emerging technologies and maintain awareness of current security risks.

Participate in security vulnerability assessments and penetration tests on Bank systems and applications.

Participate in periodic policy compliance reviews, risk assessments, and control testing.

Participate in internal security audits and investigations.

Participate in on-uding but not limited to weekends, holidays and after-business hours as required to service the needs of the business.

Skills/Knowledge:

Required Skills:

Understanding in the following areas:
Windows and Linux Security, Networking, Vulnerability Management, Cloud Security, Identity and Access Management.

Strong understand of security concepts and hands-on with tools and systems such as firewalls, IDS/IPS, SIEM, manage antivirus/antimalware, patch management, NAC, and DLP, vulnerability scanners.

Bachelor’s degree in Computer Science, Information Systems, a related field, or equivalent work experience, is required.

Strong analytical and problem-solving skills.

Excellent written and verbal communication skills, demonstrating the ability to write with purpose, clarity, and accuracy to both technical and non-technical audiences.

Minimum of two years of hands-on experience in an equivalent Information Security role. Banking and/or financial services industry experience, a plus.

Self-motivated, organized and able to multi-task, prioritize, and adhere to deadlines

Able to operate independently and effectively

Additional Desired

Skills:

Industry certification is a plus: GIAC Security Essentials, Certified Ethical Hacker, GIAC Certified Incident Handler, Certified Security Administrator (firewall), CISSP.

Programming knowledge, a plus (Perl, Python, C, Power Shell, Ruby, SOAP, XML).Knowledge of compliance and regulatory program requirements, a plus (such as HIPAA, ISO 27000, NIST, FISMA, and SOC standards).Notice regarding COVID-19 Vaccination Requirement: of San Francisco, our top priority is the health and safety of our team members, our families, and the communities we serve. As part of our commitment to health and safety, the Bank requires all employees to be fully vaccinated against COVID-19 as a condition of employment.

New employees must be able to provide proof of vaccination on their first day of work. A person is considered fully vaccinated two weeks after the second dose of a two-dose COVID-19 vaccine s after a single-dose COVID-19 vaccine has been administered.

If you are unable to be vaccinated against COVID-19 because of a sincerely held religious belief, medical condition, or disability, the Bank will consider requests for accommodation in accordance with applicable law.

The Federal Home Loan Bank of San Francisco is an Equal Employment Opportunity employer and is committed to a diverse workforce. We value and actively seek to recruit, develop, and retain individuals with varied backgrounds and experiences reflecting the full diversity of the communities that we serve. It is the policy of the Bank to comply with all applicable laws concerning the employment of persons with disabilities.
Apply Here
For Remote Sr. Information Security Analyst, Sr. Assoc roles, visit Remote Sr. Information Security Analyst, Sr. Assoc Roles

********

Security Metrics and Data Reporting Analyst at Information Technology Services

Location: Los Angeles

The University of Southern California (USC) Department of Information Technology Services (ITS) is seeking a Security Metrics and Data Reporting Analyst with an exceptional commitment to service excellence to join its team.

As the Security Metrics and Data Reporting Analyst, you will be an integral member of the Security Strategy and Governance team of the Office of the CISO.

The Security Metrics and Data Reporting Analyst is responsible for implementing tools and developing techniques for measuring and reporting technical performance metrics. The Analyst is responsible for developing and running reports on regular schedules, while maintaining storage of performance metrics; collects, validates, interprets, and organizes various types of data into meaningful reports and/or summaries for designated audiences. This role is responsible for completing business trend analysis, monitoring key performance metrics and communicating the effectiveness of security process and controls to management, Information Security teams, and other designated audiences.

THE WORK YOU WILL DO

The Security Metrics and Data Reporting Analyst:
• Develops and automates cybersecurity metrics with specific procedures for data collection, analysis and charting.
• Develops and maintains a security dashboard, metrics roadmap, and scorecard.
• Collects and analyzes information security metrics on a periodic basis.
• Determines requirements for technical solutions and tools to effectively implement an Information Security Metrics program.
• Reviews Information Security metrics for efficiency of various Cybersecurity programs. Provides insight to the Information Security Strategy and Governance team.
• Presents information security metrics to the Information Security Governing Body periodically to provide visibility into existing and imminent threats.
• Maps metrics back to the Schools, Units and Hospitals, ITS and Information Security strategic objectives, for providing insight into the effectiveness and efficiency of security processes and controls.
• Defines and implements processes measuring utilization of metrics across schools, units, hospitals, and the Information Security organization, including formal Information Security response to schools, units and hospitals security requests.
• Maintains awareness and knowledge of current changes within legal, regulatory, and technology environments which may affect operations. Ensures senior management and staff are informed of any changes and updates in a timely manner. Establishes and maintains appropriate network of professional contacts. Maintains membership in appropriate professional organizations and publications. Attends meetings, seminars and conferences and maintains continuity of any required or desirable certifications, if applicable.

MINIMUM QUALIFICATIONS
• Bachelor’s degree or combined experience/education as substitute for minimum education
• 3 years experience of directly related experience in information security or risk management.
• Passionate understanding and working knowledge of information security fundamentals and risk-based approach to information security.
• Understanding of end-to-end security metrics process including metrics collection, tracking and reporting, including ownership and responsibilities for each activity.
• Strong experience in developing automated tools used to calculate metrics and visualization tools for reporting.
• Ability to analyze data using industry leading tools reporting including the use of complex macros and scripts for reporting and data mining purposes from multiple sources.

PREFERRED QUALIFICATIONS
• Understanding of data management systems that aggregates data from multiple sources
• 4 years of data processing and analytics experience
• Passion and expert skills in building elegant and interactive data visualizations of complex information including drill-down capability.
• Advanced experience in the design and creation of security and compliance metrics as well as dashboards for Senior Management.
• Advanced skills in Microsoft PowerPoint and Excel.
• System administrator experience
• Application development experience in one or more of the following environments: .NET, ColdFusion, LAMP,etc.
• Experience with scripting languages (Python, Perl, Bash, PHP, etc.).
• Strong Information Security Industry background including one or more Security certifications (Security+, GSEC). Solid understanding of Security concepts.

THE ITS TEAM

The ITS vision aligns strategy, business, and services; affirms ITS cultural values; empowers cross-functional teamwork; embraces world-class best practices; and promotes innovation, excellence, agility, and efficiency. To achieve this vision, ITS is committed to providing a modern technology infrastructure that is resilient and delivers the performance necessary to meet the demands of a growing customer base, training in the latest technologies for its highly productive and motivated workforce, outstanding customer experience, and technology services that are aligned with the universitys mission to provide exceptional learning opportunities for students. ITS is creating a workplace where employees can develop cutting-edge skills, take pride in the services they provide, and have access to the roles and career paths that align to their abilities and potential. We are looking for top talent to join us on our journey.

ITS CULTURE

USCs ITS organization represents a diverse and talented team, committed to supporting a collaborative culture and delivering secure and innovative IT services that are core to the mission of the university. We are also committed to creating and maintaining meaningful partnerships across the university. At ITS, we act with integrity in the pursuit of excellence; embrace diversity, equity, and inclusion; promote well-being; engage in open two-way communication, and are accountable for living our values. ITS strives for a supportive and inclusive culture that encourages employees to do their best work every day and where individuals are recognized and celebrated for their contributions.

ABOUT USC

USC is the leading private research university in Los Angelesa global center for arts, technology, and international business. With more than 47,500 students, we are located primarily in Los Angeles but also in various US and global satellite locations. As the largest private employer in Los Angeles, responsible for $8 billion annually in economic activity in the region, we offer the opportunity to work in a dynamic and diverse environment, in careers that span a broad spectrum of talents and skills across a variety of academic and professional schools and administrative units. As a USC employee and member of the Trojan Familythe faculty, staff, students, and alumni who make USC a great place to workyou will enjoy excellent benefits, including a variety of well-being programs designed to help individuals achieve work-life balance. USC values diversity and is committed to equal opportunity in employment.

Come join the USC ITS team and work as a trusted partner in shaping an environment of innovation and excellence. Apply today!

Minimum Education Bachelor’s Degree Combined education/experience as substitute for minimum education Minimum Experience: 3 years Minimum Field of Expertise: Passionate understanding and working knowledge of information security fundamentals and risk-based approach to information security. Understanding of end-to-end security metrics process including metrics collection, tracking and reporting, including ownership and responsibilities for each activity. Strong experience in developing automated tools used to calculate metrics and visualization tools for reporting. Ability to analyze data using industry leading tools reporting including the use of complex macros and scripts for reporting and data mining purposes from multiple sources.
Apply Here
For Remote Security Metrics and Data Reporting Analyst roles, visit Remote Security Metrics and Data Reporting Analyst Roles

********

Information security analyst at Occidental College

Location: Los Angeles

POSITION SUMMARY

The Information Security Analyst / Administrator will plan, implement, upgrade, and monitor security protocols for the protection of the organization’s computer networks and information.

Reporting to the AVP for Technical Services the Information Security Analyst / Administrator works with constituents across the college – faculty, staff, and students – to develop and deliver a comprehensive security and privacy program on risk management and compliance activities.

This position is responsible for security protocols related to Oxy’s information infrastructure and will work with network / system administrators to track security vulnerabilities in the information sharing network to ensure that such weaknesses in the system are addressed and remedied efficiently.

This position will work continuously on security measures and applications designed to mitigate the risk of malicious intrusion into the network’s information systems.

SUMMARY OF DUTIES, RESPONSIBILITIES AND GOALS
• Collaborates with users to discuss computer data access needs, to identify security threats and violations, and to identify and recommend needed programming or process changes.
• Uses data encryption, firewalls, and other appropriate security tools and applications to conceal and protect transfers of confidential digital information.
• Develops and implements plans to safeguard digital data from accidental or unauthorized modification, destruction, or disclosure;

adheres to emergency data processing needs.
• Reviews violations of security procedures; provides training to ensure violations do not recur.
• Monitors and restricts access to sensitive, confidential, or other high-security data.
• Performs risk assessments, audits, and tests to ensure proper functioning of data processing activities and security measures.
• Safeguards system security and improves overall server and network efficiency by training users and promoting security awareness.
• Determines when to update virus protection systems by monitoring current reports of computer viruses; facilitates or performs needed updates.
• Monitors and upgrades malware, virus detection applications and other monitoring systems; conducts analysis on the information sharing structure;

and tests for security vulnerabilities. Researches new anti-intrusion applications and test their efficacy against the network’s and organization’s security protocols and requirements.
• Creates and implements policies, protocols, and procedures, and creates and presents reports based on risk analysis of the information-sharing network.
• Directs and performs security event handling, threat hunting, threat intelligence analysis, forensic analysis, vulnerability identification.
• Leads and engages appropriate College parties to properly address and manage cybersecurity incidents, including analysis, remediation, and recovery.
• In partnership with members of the ITS leadership team, defines and maintains policies, standards, and practices for information and data security throughout the college, encompassing on-premise and cloud technology, third-party engagements, and academic systems.

Design and execute activities, inside and outside ITS , to socialize and implement these standards.

Performs other duties as assigned.

QUALIFICATIONS
• Demonstrated problem-solving and analytical skills.
• Proficient, or able to gain proficiency with, a broad array of security software applications and tools.
• Thorough understanding of computer-related security systems including firewalls, encryption, and password protection and authentication.
• Ability to be self-directed and to respond to requests with short turnaround times
• Strong interpersonal skills and the ability to communicate clearly, both verbally and in writing, with colleagues, as well as possibly internal stakeholders
• Ability to prioritize and organize a heavy and varied workload, be responsive and timely, and effectively serve a range of constituents within the College.
• Technical knowledge of information security standards (e.g., NIST, ISO, OWASP, etc.), rules and regulations related to information security and confidentiality (e.

g., PCI, FERPA, GLBA, etc.).
• Familiarity with / knowledge of data protection, privacy, and cybersecurity related laws and regulations.
• Strong commitment to teamwork, knowledge sharing, and communication
• Ability to coordinate remotely with teams and colleagues
• Ability to demonstrate a professional, positive attitude and adherence to ethical standards
• Critical thinking and sound judgment, especially in urgent situations
• Adaptability to address urgent situations and needs, which may occur off-hours and over the weekend
• BA or BS in Computer Science, Information Management, or related field, or equivalent experience
• More than three years of progressive experience managing a comprehensive information security and / or IT risk management program including policy development, awareness and education, application and systems development requirements, network security, penetration testing, vulnerability assessment, risk analysis, incident response, and / or governance, risk, and compliance (GRC) management.
• Experience with Security Incident, Data Breach, and IT resilience response planning, testing, auditing, and risk analysis.
• CISSP, CISM, CIPP, CIPT, CRISC, GIAC, or other security, privacy, or IT risk management certification / accreditation preferred.
• Experience in higher education.

APPLICATION INSTRUCTIONS

Please submit a resume and cover letter explaining how your qualifications meet the requirements of the position

ADDITIONAL INFORMATION

Occidental is an Equal Opportunity Employer and does not unlawfully discriminate against employees or applicants on the basis of race, color, religion, sex, sexual orientation, gender identity, gender expression, pregnancy, breastfeeding or related medical condition, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, genetic characteristic or information, military and veteran status, or any other characteristic protected by state or federal law.

Occidental is strongly committed to increasing the diversity of the campus community and the curriculum, and to fostering an inclusive, equitable, and just environment within which students, staff, administrators, and faculty thrive.

Candidates who can contribute to this goal through their work are encouraged to identify their strengths and experiences in this area.

Salary is commensurate with experience and qualifications. A comprehensive benefits package is available that includes : excellent health, dental, life, and retirement benefits;

tuition benefits for the employee, spouse, domestic partner, and dependents; additional extras including use of gym facilities and the College Library.

For a detailed description of benefits, please visit https : / / www.oxy.edu / offices-services / humanresources / benefits-information.

All qualified applicants will be considered for employment, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance.

Occidental College is committed to working with and providing reasonable accommodations to applicants with qualifying disabilities.

If you need a reasonable accommodation because of a disability for any part of the application or employment process, please contact Human Resources.

As a condition of hire for a staff position and for appointment to a faculty position, Occidental College requires that all candidates who have received a conditional offer of employment complete an application form (if they have not already done so) and consent to a background check.

Satisfactory completion of a background check, along with pre-employment verifications and references are required as a condition of employment, but only as permitted by federal, state, and local law, including the City of Los Angeles Fair Chance Initiative for Hiring Ordinance.
• provided by Dice

Last updated : 2022-09-18
Apply Here
For Remote Information security analyst roles, visit Remote Information security analyst Roles

********

Senior Information Security Project Manager (Greater LA Area, CA) at BlackLine

Location: None

Get to Know Us:
It’s fun to work in a company where people truly believe in what they’re doing!
At Blackline, we’re committed to bringing passion and customer focus to the business of enterprise applications.
Since being founded in 2001, BlackLine has become a leading provider of cloud software that automates and controls the entire financial close process. Our vision is to modernize the finance and accounting function to enable greater operational effectiveness and agility, and we are committed to delivering innovative solutions and services to empower accounting and finance leaders around the world to achieve Modern Finance.
Being a best-in-class SaaS Company, we understand that bringing in new ideas and innovative technology is mission critical. At BlackLine we are always working with new, cutting edge technology that encourages our teams to learn something new and expand their creativity and technical skillset that will accelerate their careers.
Work, Play and Grow at BlackLine!
Make Your Mark:
The Sr. Project Manager is responsible for leading service delivery and program development from end to end in a continuous improvement, growth, SaaS environment. The Sr. Project Manager couples project management duties with organizational oversight and strategic leadership to design and deliver within the following categories: Operational Improvement, Project Support, Knowledge Management, Team Communication and Strategic Alignment.
You’ll Get To:
• Drive improvements into the PMO program and ensure industry best practices are leveraged
• Delegate project tasks based on junior staff members’ individual strengths, skill sets, and experience levels
• Promote effective internal and external communication, ensure transparency, and disseminate information appropriately (e.g. trainings/educations, metrics and executive reporting, etc.)
• Makes recommendations to management regarding long-term contractors and/or additions to staff
• Delegate project tasks based on junior staff members’ individual strengths, skill sets, and experience levels
• Design and deliver project communications including project steering committee meetings and status reports
• Own and analyze financial data for projects including project budgets, risks and resource allocations
• Oversee multiple programs and projects, ensuring team members are carrying out tasks efficiently while upholding appropriate standards
• Continuously evaluate projects and programs to ensure they are meeting company standards, adhering to budgets and meeting deadlines
• Design and deliver critical metrics to the organization with regard to projects and programs
• Assist teams in defining and delivering project and program charters, definition of done, and fit into larger company goals and objectives
• Assist Sr. Director, InfoSec in creating board-ready reporting for projects and programs in support of CISO.
• Act as InfoSec team PMO for ongoing projects, including creating and executing project plans, schedules and milestones, and assist in the escalation of identified issues
• Collaborate with InfoSec team members to maintain comprehensive project documentation, plans and reports
• Act as the PMO point of contact and own the communication of project statuses to InfoSec management
• Ensure projects are delivered successfully, on time and within budget
• Use tools to monitor working hours, plans and expenditures for projects
• Manage InfoSec info/education sessions (as deemed fit), including preparation of materials, communication of related schedules, and assignment of presentations to team
• Manage team communications and repositories on Bullhorn, Confluence and SharePoint
• Document organizational templates within the document repositories
• Delegate relevant tasks to Project Manager and other team members as required.

What You’ll Bring:
• 7+ years of experience
• BS or higher, preference for Computer or information systems related degrees due to subject matter
• Proven work experience as a Project or Program Manager in a similar role
• Demonstrated ability to manage multiple programs and projects, with increasing complexity / responsibility
• Experience in project coordination and management, from conception to delivery
• Knowledge Management experience
• Service Management experience (with Service Management tools)

We’re Even More Excited If You Have:
• PMP, Scrum master
• ITILvX (3 or 4)
• CISSP or CISA

Thrive at BlackLine Because You Are Joining:
• A technology-based company with a sense of adventure and a vision for the future. Every door at BlackLine is open. Just bring your brains, your problem-solving skills, and be part of a winning team at the world’s most trusted name in Finance Automation!
• A culture that is kind, open, and accepting. It’s a place where people can embrace what makes them unique, and the mix of cultural backgrounds and varying interests cultivates diverse thought and perspectives.
• A culture where BlackLiner’s continued growth and learning is empowered. BlackLine offers a wide variety of professional development seminars and inclusive affinity groups to celebrate and support our diversity.

BlackLine is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity or expression, race, age, religious creed, national origin, physical or mental disability, ancestry, color, marital status, sexual orientation, military or veteran status, status as a victim of domestic violence, sexual assault or stalking, medical condition, genetic information, or any other protected class or category recognized by applicable equal employment opportunity or other similar laws.
Apply Here
For Remote Senior Information Security Project Manager (Greater LA Area, CA) roles, visit Remote Senior Information Security Project Manager (Greater LA Area, CA) Roles

********

Senior Incident Response Analyst at FARFETCH Group

Location: Los Angeles

FARFETCH exists for the love of fashion. Our mission is to be the global platform for luxury fashion, connecting creators, curators and consumers.

We’re a positive platform for good, bringing together an incredible creative community made up by our people, our partners and our customers. This community is at the heart of our business success. We welcome differences, empower individuality and celebrate diverse skills and perspectives, creating an inclusive environment for everyone. We are FARFETCH for All.

TECHNOLOGY

We’re on a mission to build the technology that powers the global platform for luxury fashion. We operate a modular end-to-end technology platform purpose-built to connect the luxury fashion ecosystem worldwide, addressing complex challenges and enjoying it. We’re empowered to break traditions and revolutionise, with the freedom and autonomy to make a difference for our customers all over the world.

LOS ANGELES

Our Los Angeles office is found in the centre of downtown LA. Our office is in one of the city’s tallest buildings with panoramic views of the Pacific Ocean, the mountains and the Hollywood sign. Inside, the office is full of plants and beautiful furniture, with amenities and work areas that allow Farfetchers to design their day to be the best it can be. Some of the main teams located here include Operations, Customer Service and Production.

THE ROLE

We are looking for a passionate expert to join our security team who loves to reveal potential weaknesses and then think on creative solutions to eliminate any issues. Your expertise is key in building the foundation of security projects that protect the security and privacy of our clients. People will rely on you to provide engineering and product teams with the security expertise necessary to make product decisions.

WHAT YOU’LL DO
• Further, develop our Incident Response program
• Review logs/events from IDS, SIEM, WAF, and NG Firewall / Web Proxy
• Identify and find Indicators of Compromise within the corporate network and infrastructure
• Be part of the on-call team responsible for detecting and responding to Cyber Security incidents
• Help maintain our Secure Systems Development Life Cycle in all their stages

WHO YOU ARE
• You are a graduate of a program in Computer Science, Information Security, or a related field
• You have more than 3 years in a similar position or in a Security Operations Center (SOC) environment
• You are comfortable being hands-on with experience in SIEM, Web Application Firewall, IDS/IPS
• You are experienced in analytical and problem-solving within a complex IT environment
• You are experienced in Malware and Forensics analysis
• You are a team player with experience working with remote, global teams
• You are a holder of certifications on Information Security (OSCP, CEH, GCIH or similar)

REWARDS & BENEFITS
• FARFETCH Equity plan and annual discretionary bonus
• Medical, dental, vision, with flexible spending account
• 401K plus company match, PTO and volunteer days
• Wellness, and cell phone reimbursements
• Family Lunch, catered weekly when in office

EQUAL OPPORTUNITIES STATEMENT
• FARFETCH is an equal opportunities employer ensuring that all applicants are treated equally and fairly throughout our recruitment process. We are determined that no applicant experiences discrimination on the basis of sex, race, ethnicity, religion or belief, disability, age, gender identity, ancestry, sexual orientation, veteran status, marriage and civil partnership, pregnancy and maternity, or any other basis prohibited by applicable law. We continue to build our consciously inclusive culture as part of our Positively FARFETCH strategy throughout our business, partnerships and communities.

We are looking for an Incident Response Analyst to join our Cyber Security team in Los Angeles${description2}
Apply Here
For Remote Senior Incident Response Analyst roles, visit Remote Senior Incident Response Analyst Roles

********

Cyber Analyst at GAF

Location: Los Angeles

Come Build Your Career Under OUR Roof
Job Description:
The Cyber Analyst will report to the Director of Cybersecurity.
What Part Will You Play?
+ This Cyber Analyst will be part of the Global Cyber Security Team tasked with supporting the Global Application Security and Vulnerability Program
+ S/he will be developing Key Performance Indicators for Vulnerability Management, coordinating scanning schedules and reporting on remediation activities
What Will You Be Doing?
+ This individual will ensure that vulnerabilities (infrastructure, network and endpoint) are properly identified and remediated in a timely manner in accordance with the established SLAs and with the goal of keeping GAF’s application portfolio secure.
+ Partnering with the Global Cyber Security Team and IT infrastructure professionals to assess potential impact and likelihood of application vulnerabilities and prioritize remediation activities
+ Driving program maturity, reducing the time to vulnerability remediation by integrating technology platforms and automating processes
What Do We Require From You?
+ Knowledge of industry standards relating to Vulnerability Management including:
+ Common Vulnerabilities and Exposures (CVEs),
+ Common Vulnerability Scoring System (CVSS),
+ Open Web Application Security Project (OWASP)
+ Strong written and verbal communication skills with the ability to collaborate through all parts of the business.
+ Establish rapport and credibility with key stakeholders for effective oversight of remediation activities
Responsibilities:
The Cyber Analyst’s job is composed of a variety of activities, centered primarily around improving overall vulnerability management security posture:
+ Lead the execution of vulnerability detection capabilities for on-premise and cloud environments
+ Partner with the Cybersecurity Operations team to deliver shared outcomes that improve effectiveness to detect and respond to vulnerabilities and threats
+ Perform application security assessments (dynamic application security testing) for new and existing applications
+ Work with the security architecture and engineering teams to develop and implement controls and configurations aligned with security policies and report key performance metrics.
+ Provide metrics reporting the state of the vulnerability management program and the performance of stakeholders against requirements
LEVEL BASED COMPETENCIES:
+ Good verbal, written and interpersonal communication skills
+ Detailed knowledge of the Vulnerability Management life-cycle including vulnerability identification, false negative/positive identification, and elimination
+ Experience developing and maintaining policies, procedures, standards and guidelines.
+ Knowledge of:
+ deployment in cloud environments: Azure, GCP (preferred), AWS, etc
+ bonus points for containerization
+ vulnerability management tools: Qualys, Nessus, Rapid7, etc
+ OWASP Top 10 (Open Web Application Security Project)
+ Cyber Security frameworks: MITRE ATT&CK, NIST, etc
+ Excellent analytical and organizational skills
+ Previous experience in an information security role, preferably vulnerability management.
+ A bachelor’s degree in information systems or equivalent work experience
Dimensions
No of direct reports: 0
No of indirect reports: n/a
Budget Responsibility: no
Travel Requirements: 10%
GAF is an equal opportunity employer.
We are taking a responsible approach to creating environments that allow us to do what we do best – Protect what matters most.
As part of our commitment to health and safety, COVID-19 vaccines are required for all candidates and employees in this position. Proof of vaccination is required. Should you require accommodation for medical or religious needs, GAF will engage in an interactive process with you to determine if a reasonable accommodation can be provided in accordance with applicable state and federal law.
We believe our employees are our greatest resource. We offer competitive salary, benefits, 401k, and vacation packages for all full time permanent positions. We are proud to be an equal opportunity workplace and GAF, Standard Logistics, SGI, and Siplast are proud to be affirmative action employers. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. If you have a disability or special need that requires accommodation, please let us know. If applying for positions in the U.S., must be eligible to work in the U.S. without need for employer sponsored visa (work permit).
Apply Here
For Remote Cyber Analyst roles, visit Remote Cyber Analyst Roles

********

Information security analyst at Rangam Consultants

Location: Los Angeles

Be the first to apply to this potential future opportunity!!!

Direct Hire Salaried opportunity with Full Health Benefits working from home with an elite Insurance company. Team building, family-oriented environment, exceptional opportunities for growth, inclusive to Autistic & Neurodivergent candidates.

Are you interested in working with a company who delivers exceptional client service; acts with integrity and responsibility;

and supports the growth of their employees? Our client is just that organization. They are the top in the Insurance industry, and they may be looking for you!

Autistic and neurodivergent candidates are highly encouraged to apply.

Direct Hire Salaried role with the Client working remote

Job Summary

The Information Security Analyst will perform third party vendor security risk assessments, wherein they will analyze the security posture of our vendor relationships to ensure they align with Farmers security controls.

Analysts will be introduced to a risk-based methodology that will enable them to identify a broad range of cybersecurity and data privacy risks among the organization’s suppliers and vendors.

Analysts will develop skills to identify and advise on security countermeasures and controls; learn best practices; learn to perform complex security risk assessments;

build knowledge of corporate security policies; and learn to recognize security violations. Analysts will play a critical role in managing Farmers data security risks.

Essential Job Functions
• Manage the end-to-end lifecycle for a portfolio of vendor security risk assessments, each with different priorities, requirements, start dates, and deadlines.
• Lead interviews with vendor representatives and Farmers stakeholders to validate the scope of the vendor’s services and the impact on the security and privacy of Farmers’ data.
• Demonstrate flexibility by employing adaptive lines of inquiry during interviews to capture the nuance and unique characteristics of each vendor relationship.
• For each assessment, review a wide range of vendor questionnaire responses, scrutinize findings and gaps, and summarize the overall risk of the vendor engagement.
• Develop competencies to identify security risks across various security domains, such as cybersecurity, application security, physical security, secure software development lifecycle, cryptography, access controls, network security, governance, and compliance.
• Generate conclusion reports for each assessment, complete with highlighted gaps, vendor remediation plans, compensating controls and overall conclusion whether to proceed with the engagement.
• Throughout the lifecycle of each assessment, ensure all Farmers stakeholders, such as requestors, contract managers, and project managers, receive consistent and clear status updates.
• Track post-assessment gap remediation by the vendor. Learn to effectively communicate data security risks to both IT and business stakeholders, to master tailoring messaging to both technical and non-technical audiences.
• Demonstrate ownership of assigned projects from initiation to completion by employing precision, analytical skills, and strong attention to detail.
• Perform other duties as assigned.

Physical Actions

Sits or stands for extended periods of time, up to a full work shift. Occasionally reaches overhead and below the knees, including bending, twisting, pulling, and stooping.

Occasionally moves, lifts, carries, and places objects and supplies weighing 0-10 pounds without assistance. Listens to, interprets, and differentiates auditory information (e.

g., others speaking) at normal speaking levels with or without correction. Visually verifies and reads information. Visually locates material, resources, and other objects.

Ability to continuously operate a computer for extended periods of time, up to a full work shift. Physical dexterity sufficient to use hands, arms, and shoulders repetitively to operate keyboard and other office equipment up to a full work shift.

Physical Environment

This position operates in an open office working environment which will include normal and customary distractions, noise, and interruptions.

Education Requirements

High school diploma or equivalent required. Bachelor’s degree in Information Systems or related discipline preferred.

Experience Requirements

1 – 3 years of experience in IT Security or Information Security Risk consulting, or comparable base of knowledge / expertise in the field.

S Strong knowledge of Excel spreadsheets, Powerpoint, & Outlook
• Familiarity with governance and controls frameworks, such as COBIT, COSO, ITIL, NIST, and ISO preferred.
• Experience in documenting procedures, reports, presentations, agendas, and meeting minutes.
• Familiarity with assessing IT or security risk in an enterprise-level environment.
• Time management, project management, presentation, and organizational skills.
• PC skills and hands-on experience building tools and presentations with Microsoft Word, Excel, PowerPoint, Project, and Access.

Job Location(s) : Remote

It is the policy of Rangam Consultants, Inc. to provide equal employment opportunities to all applicants and employees without regard to any legally protected status such as race, color, religion, gender, national origin, age, disability, or veteran status.”

Last updated : 2022-09-18
Apply Here
For Remote Information security analyst roles, visit Remote Information security analyst Roles

********

Information Security Analyst – Hiring Immediately at TEKsystems

Location: Rancho Cucamonga

Description:

Position Purpose and Objectives
Takes a lead role in the administration and enforcement of the credit union’s information security policies, procedures, and related systems with an emphasis on protecting member data and regulatory compliance; Works with credit union management and team members to ensure a high level of security awareness and adherence to security policies.

Major Duties and Essential Functions
1. Personally, provides exceptional Member service; uses Service Standards in every work-related interaction.
2. Manages multiple information security systems, ensuring proper integration of the components with computer systems, network equipment and other devices.
3. Researches data security needs and requirements for current and future systems.
4. Performs regular vulnerability analysis for intentional and unintentional systems misuse and identifies appropriate counter measures.
5. Takes a lead autonomous role in the management of the credit union’s information security program including establishing, implementing and monitoring of information security, incident response procedures and policies, system configuration standards and ongoing risk assessments.
6. Assists the credit union management team with the creation, modification, and implementation of Information Security policies and standards.
7. Performs routine audits of security databases including Active Directory, Anti-Virus, Firewall, Data Loss Prevention (DLP), Group Policy, Remote Authentication Dial-In User Server/Service (RADIUS), and regularly reviews other security logging systems. Designs and/or implements changes to these systems in response to any discovered vulnerabilities.
8. Performs regular audits of credit union procedures including new hire/transfer/separation process, configuration checklists, firewall changes, Uniform Resource Locator (URL)/Spam filter changes, DLP changes, file permission changes, inventory changes, equipment changes, and system health checks.
9. Lead role in the management of credit union patch management, anti-virus, spam filtering, DLP, URL filtering, and intrusion prevention systems.
10. Assists with the development and implementation of active directory group policy objects with an emphasis on enhancing computer systems security.
11. Manages the creation, deletion, or alteration of systems access for credit union employees. Makes key decisions on whether to honor system access requests and responds appropriately.
12. As primary liaison between users and Information Systems (IS) Department, provides on-call consulting advice and technical support in regard to specific operational/application issues; maintains ownership of system operations problems; resolves if possible or manages immediate resolution process.
13. Takes a lead role in the research, design, and implementation of all information security related hardware or software including operating systems and communications products; coordinates implementations with third party vendors and supports representatives as needed; serves as a liaison between vendors and other departments on information security related projects.
14. Develops, implements, and/or conducts various training and instruction programs for credit union employees on the secure use of e-mail and the internet as well as operating systems, networking, computer applications and databases.
15. Evaluates new projects and proposes systems for security risks and makes recommendations for implementation to management.
16. Takes lead role in analyzing, planning and implementing projects including software, in-house development, hardware, and networks to provide new products and services to members of the credit union and to improve the effectiveness of member data security. Performs capacity planning and tuning of information security systems to assure maximum availability and optimal utilization; directs/assists with hardware and software upgrades as needed.
17. Develops project scope, company-wide best practices for IT security and timeline documents for individual projects per IS Department standards.
18. Fix detected vulnerabilities to maintain a high-security standard.
19. Document security breaches and assess the damage they cause.
20. Install security measures and operate software to protect systems and information infrastructure, including firewalls and date encryption programs.
21. Investigate security breaches and other cyber security incidents.
22. Stays current with evolving trends in information security related hardware, applications, development, and the internet.
23. Provides guidance and assistance on technical skills to other IS staff.
24. Provides regular documentation and reports on the progress of information security initiatives as well as provides suggestions or plans to further improve the credit union’s security efforts.
25. Regular and predictable attendance and punctuality.
26. Maintains a working knowledge of Bank Secrecy Act (BSA). Anti-Money Laundering (AML) and Office of Foreign Asset Controls (OFAC) laws/regulations applicable to area of responsibility and complies with all laws/regulations.
27. Other duties as deemed necessary and assigned by Supervisor to achieve the goals of the department and the Credit Union.

Skills:

Security, Audits, patch, management, anti, virus, spam, filtering, DLP, permissions, file, changes, intrusion, prevention, system, access, CEH, CISSP

Top Skills Details:

Security,Audits,patch,management,anti,virus,spam,filtering,DLP,permissions,file,changes,intrusion,prevention,system,access,CEH,CISSP

Additional Skills & Qualifications:

Advanced knowledge of computer skills including hardware, software, operating systems and networking with a focus on information security; understanding of firewalls, proxies, SIEM, antivirus, and IDS/IPS concepts; ability to identify and mitigate network vulnerabilities and explain how to avoid them; understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact; experience with computer network penetration testing and techniques; ability to design and work with multiple linked, relational databases using advanced data management techniques and processes; development, installation, administration, troubleshooting and maintenance of large, complex computer networks; advanced knowledge of word processing, spreadsheets, presentation and database software; exposure to applications development in the Windows environment; above average interpersonal, oral and written communication skills are required to elicit requirements and communicate technical information to users effectively; problem solving and analytical skills.

Experience Level:

Entry Level

About TEKsystems:

We’re partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That’s the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Apply Here
For Remote Information Security Analyst – Hiring Immediately roles, visit Remote Information Security Analyst – Hiring Immediately Roles

********

Cyber Security Engineer (Remote) at NBCUniversal

Location: Universal City

Job Description
Join NBCUniversal Cyber Security and accelerate our security engineering by building an approach, tools, and documentation for our cyber infrastructure automation.
This role is a part of the Cyber Security Engineering team, responsible for security technology that supports the entire NBCUniversal enterprise. You’ll be responsible for identifying key processes around the sustainability and availability of our security products and working to support and automate proactive approaches for deployment and optimizations of security toolsets.
You’ll:
• Establish, sustain, and improve highly-available, secure, and scalable foundations for core on-premise and cloud security services
• Develop tooling for configuration management, containerization, and secrets management with a DevOps agile approach
• Partner with security Service Owners and Architects to build new platforms and migrate existing security tools to be automated for on-prem and cloud-delivered solutions – reduce friction and enable self-service as much as possible
• Provide documentation and resources to enable other technologists to leverage new tooling and architectures
• Identify repeatable processes around operational tasks for deploying and managing security tools to target for automation
• Look at problems pragmatically to provide insight, ideas and help set priorities on how to execute accordingly
• Provide secure design and engineering guidance for enterprise security solution.
• Provide excellent support and service to other teams that rely on our services – help share knowledge, and assist in creation and management of alerts, reports and other knowledge objects.
• Participate in an on-call rotation for support of systems outside of normal business hours, and be available to perform maintenance and critical operations as needed

You need:
• An understanding of IT security principles and how to apply them.
• Experience with CI/CD technologies such as Jenkins, Ansible and Github
• A thirst for improvement and an inclination to thoughtfully challenge the status quo
• Desire to try things and iterate on them, fail fast, and focus on functionality that matters
• Eagerness for learn new security tools/services to support broadening portfolio.
• Leverage data to drive design and risk decisions using various sources and basic analytics to create clear metrics and reports.
• Highly collaborative; personally, and professionally self-aware; able to and interested in interacting with employees at all levels; embody integrity; and represent and inspire the highest ethical standards
• 3-5 years of experience administrating security tools.

Bonus points for:
• A clear understanding of securing infrastructure in AWS, Azure or Google Cloud.
• Experience in managing IT security endpoint solutions i.e., Crowdstrike, Airlock
• Advanced-level knowledge and experience with scripting in one or more languages, ideally Python

Additional Information
NBCUniversal’s policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law. NBCUniversal will consider for employment qualified applicants with criminal histories in a manner consistent with relevant legal requirements, including the City of Los Angeles Fair Chance Initiative For Hiring Ordinance, where applicable.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access nbcunicareers.com as a result of your disability. You can request reasonable accommodations in the US by calling 1-818-777-4107 and in the UK by calling +44 2036185726.
Apply Here
For Remote Cyber Security Engineer (Remote) roles, visit Remote Cyber Security Engineer (Remote) Roles

********

Associate security analyst at The Boeing Company

Location: Los Angeles

At Boeing, we innovate and collaborate to make the world a better place. From the seabed to outer space, you can contribute to work that matters with a company where diversity, equity and inclusion are shared values.

Were committed to fostering an environment for every teammate thats welcoming, respectful and inclusive, with great opportunity for professional growth. Find your future with us. >

Were committed to fostering an environment for every teammate thats welcoming, respectful and inclusive, with great opportunity for professional growth.

Find your future with us. Boeing Government Security is currently seeking a highly motivated Associate Industrial Security Analyst to join their team in El Segundo, CA.

As an Associate Industrial Securit…Security, Industrial, Associate, Analyst, Operations, Programmatic, Technology

Last updated : 2022-09-18
Apply Here
For Remote Associate security analyst roles, visit Remote Associate security analyst Roles

********

The Tech Career Guru
We will be happy to hear your thoughts

Leave a reply

Tech Jobs Here
Logo