Weichert Workforce Mobility is hiring a Senior Information Security Analyst in Morris Plains, NJ. The Senior Information Security Analyst is responsible for safeguarding the company's technology assets by maintaining situational awareness of potential and developing risks. The position is also responsible for monitoring and protecting data and systems from infiltration, exfiltration, and cyber-attacks. The Senior Information Security Analyst supports all areas of information security including security operations, incident response, DLP techniques, monitoring, SOC controls and compliance, and vendor management.
Job responsibilities include, but are not limited to, the following:
Contributes to the development, review, and maintenance of information security requirements, policies, and procedures for colleagues and contracts for customers and suppliers.
Works with internal IT and external vendor teams to ensure network equipment is properly logged, installed, configured, and encrypted to protect sensitive information.
Assists in the identification, selection, installation, and management of tools to protect the company's assets including DLP, logging and monitoring, third party vendor management, penetration testing, and vulnerability scanning.
Monitors the organization's networks for security breaches and investigates a violation when one occurs.
Prepares and reviews reports that document security breaches and the extent of the damage caused by the breaches.
Manages information security focused projects internally and externally with customers and suppliers.
Works with internal and customer contacts to manage questionnaires, audits, interviews, evidence verifications, and participates in on-site audit reviews.
Participates in conference calls with customer's security team to help clarify and negotiate security requirements.
Assists in ensuring all SOC and other controls meet standards through periodic auditing and testing.
Manages penetration testing to identify and remediate vulnerabilities in systems before they can be exploited.
Manages and updates company's disaster recovery policy; oversees the disaster recovery testing.
Researches and analyzes the latest information technology security trends and methods of attack and proposes security standards and best practices for the organization.
Trains and helps computer users with current and new security products and procedures
Identifies and analyzes relevant risks and vulnerabilities and recommends actionable products in a timely manner to inform enterprise-wide security operations.
Researches open-source intelligence, social media platforms, and deep/dark web for known and potential threats capable of impacting our client.
Monitors geopolitical events of concern that might impact international travel, corporate events, and/or operations, and provides periodic and timely reporting.
Assists with the production of both tactical and strategic level reports.
Uncovers information gaps that can help identify potential threats in the short and long term and recommends security enhancements to management or senior IT staff.
Performs other duties as assigned.
Job RequirementsThe ideal candidate will meet the following requirements:
Bachelor's degree in Computer Science, Information Assurance, Programming or related field required
Master's degree in Information Systems preferred
Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)
Three (3) or more years of information security, risk management, or related experience required
Thorough understanding and proficiency of the modern information technology and cybersecurity environment
Working knowledge of Internet protocols, firewalls and cybersecurity technologies such as IDS/IPS, NAC, MFA and Privileged Account Management
Knowledge of security frameworks and control sets including SOC2, NIST, OWASP, PCII
Knowledge of regulations including GDPR, NY DFS, PIPEDA
Analytical ability to study computer systems and networks and assess risks to determine how security policies and protocols can be improved
Detail orientation to detect minor changes in company's network, results, or processes to defend and respond to attacks
Highly proactive and creative in order to anticipate future security risks and implement new ways to protect the organization
Strong problem-solving skills to be able to respond to alerts and uncover and fix vulnerabilities in the network
Strong project management skills
Ability to multitask in a fast-paced environment
The Senior Information Security Analyst is responsible for safeguarding the company's technology assets by maintaining situational awareness of potential and developing risks. The position is also responsible for monitoring and protecting data and systems from infiltration, exfiltration, and cyber-attacks. The Senior Information Security Analyst supports all areas of information security including security operations, incident response, DLP techniques, monitoring, SOC controls and compliance, and vendor management.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.