Information Security Analyst

at Windham Professionals

Salem, NH

Posted on Sep. 8, 2016

Full Time

Windham Professionals, Inc. is a full-service Accounts Receivable Management and Customer Care Company. We have locations in NH, NV, NY, and TN and expanding. Consider joining our company as we are on the cutting edge of new growth creating a world class BPO service provider.

Security Analyst I is the entry level in the series, and initially works under close supervision. This level will assist in the definition of potential computer/communications systems security issues, and help identify viable alternatives. The Security Analyst I will participate in the running of vulnerability scans, analysis of the data and help with remediation of findings to ensure Windham Professionals remains in compliance in all aspects of the infrastructure.

The Security Analyst I works to gain knowledge and understanding of regulatory compliance concerns, data protection, industry standards, security and risk frameworks including FISMA, FDCPA, TCPA, COBIT, PCI-DSS, SOX, NIST and ISO 27001. The ideal candidate in this role is looking to expand their education, knowledge and understanding of security as a whole as well as network and access technologies.

Responsibilities:

Monitor CERT, FBI, NIST, and other applicable systems security sites and bulletins to ensure the organization is as current as practical with information on perceived and existing threats to its information systems. Provide notification via alert emails to appropriate systems personnel.

Assist in the development of processes to maintain business continuity and recovery standards for systems and networks of the organization.

Assist in the development and delivery of system security and business continuity/disaster recovery educational programs for all levels of the organization, including but not limited to the new hire process and ongoing awareness training.

Assist departments, affiliates, and associates with the development of security policies and standards to specify the functional requirements for systems security and access controls.

Perform development and maintenance activities on information security-related systems.

Analyze manual and automated Information Security functions and provide input to Information Security management and Executive Team.

Assist in conducting technical surveys and determine necessary countermeasures related to physical information leakage.

Assist in the delivery and formulation of Information Security Business goals.

Assist in the maintenance of compliance and regulatory required policy and procedure stores and updates as required.

Qualifications:

1. High School or GED required or some college coursework in Computer Science or Information Security and Combination of Experience.
2. Previous experience as a network engineer, developer or operations specialist.
3. Project Management experience helpful.
4. 1-2 years experience in IT.
5. Ability and desire to learn data security practices, procedures and resilient architectures in a highly regulated industry.
6. Ability and desire learn and understand regulatory compliance concerns and financial industry standards (e.g. FISMA, FDCPA, TCPA, COBIT, PCI-DSS, SOX, NIST and ISO 27001).
7. Basic understanding of network topologies, access controls, intrusion detection and related technologies.
8. Ability to work collaboratively and remain calm and focused during an audit or regulatory review.
9. Ability to handle confidential information responsibly and meet critical project timelines through effective project management principles.
10. Demonstrates understanding of relevant terminology, such as: threat, vulnerability, risk, asset, exposure, safeguards, etc.
11. Demonstrates fundamental understanding of risk, IT and security controls, compliance, authentication, accountability, data security, disaster recovery and contingency planning.
12. Ability to articulate technical processes, both oral and written, to different audiences and varying levels of complexity.
13. Demonstrates understanding of regulatory and compliance terminology, such as: NIST, SANS, CISSP, COBIT, PCI, ISO, etc.
14. Demonstrates fundamental understanding of Networking – TCP/IP and other protocols. Common network device functions, such as routers, switches, hubs, Wi-Fi access points, etc.
15. Interpersonal / relationship building skills with technical and business personnel
16. Experience with documentation tools e.g., MS Visio, SharePoint, or like applications.

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to sit; use hands to finger, and talk or hear. The employee frequently is required to stand, walk, and reach with hands and arms. Specific vision abilities required by this job include close vision, and ability to adjust focus.

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually moderate

Windham Professionals provides Equal Employment Opportunity for all individuals regardless of race, color, religion, gender, age, national origin, marital status, gender identity, sexual orientation, status as a protected veteran, genetic information, individuals with a disability, and any other basis protected by federal, state or local laws. EEO/AA Disabled/Vet. #CB


Save job

Quick Apply

Choose One: Paste
Click to try another word
Save your application info for next time?
Yes, please! I agree to the Terms of Service.
Other Apply Options