Information Security Analyst
Chicago, IL or Atlanta, GA
The Information Security Analyst is passionate about providing security to the organization while not compromising productivity. The analyst will oversee the Security Governance, Risk Reporting, and Compliance Program for Haivision. The Information Security Analyst is responsible for all deliverables related to information security activities, and communicating the posture of Haivision’s Information Security to the information security committee.
- Work with the Information Systems team to monitor, assess, and perform application vulnerability assessment scans and risk assessment reviews to ensure that Haivision’s IT assets are properly protected.
- Act as the subject matter expert for security governance, risk reporting, and compliance, while ensuring proper security controls are in place that mitigates risks to an acceptable level and aligns with Haivision’s security policies.
- Provide in-depth technological advice and governance guidance.
- Develop company-wide best practices for IT security.
- Collaborate with the security team on the formulation of long-term strategies for the deployment of Information Security technologies, processes and prepare planning and project documents as required.
- Ensure that stakeholders are properly consulted, and operational impacts identified to maximize the usage of Haivision resources, in addition that assigned projects are implemented in an optimum manner, on time and within budget.
- Stay up-to-date on information technology trends and security standards.
Skills and Qualifications
- Bachelor’s Degree in Computer Science, Engineering, or related discipline
- 7+ years’ experience in a technical environment (development or related), with a minimum of two or more years of information security experience
- Experience with computer network penetration testing and techniques
- Solid understanding of governance, risk, and compliance activities.
- Experience with compliance programs as well as their technical and security requirements
- Experience working in an ISO 27001 environment considered a definite asset
- Advanced knowledge of security technology and risk assessment methodologies, policies and processes
- Excellent analytical, evaluative, problem-solving and innovation abilities to ensure effective mitigation measures and risk treatment are in place
- Experience in developing an enterprise dashboard and creating reports to the proper level of management (operational, tactical & strategic)
- Knowledge of/experience with in LAN, WAN, Routers, firewall, IDS/IPS systems – Ability to scan large networks using vulnerability scan tools and write risk mitigation plans according to the assessment
- Understanding of patch management with the ability to deploy patched in a timely manner while understanding business impact
- Experience in Security/fortifying with O365
- Experience on fortifying Windows, Max OS & Linux (Ubuntu)