Rango de Edad: 25-50 años
Idioma (s): Inglés
Jornada: Tiempo completo
Disponibilidad para viajar: No
Disponibilidad para cambiar residencia: No
Licencia de Conducir: No es requerida
Fecha de Contratación: 14-07-2020
Vacantes: 1 puesto
Tipo de Contrato: Tiempo indefinido
The Information Security Analyst provides the vision and strategies necessary to ensure the confidentiality, integrity, and availability of VXI’s electronic information by communicating risks to senior administration, creating and maintaining enforceable policies and supporting processes, and ensuring compliance with regulatory requirements. The analyst ensures programs, policies and procedures achieve the stated security goals of the organization through proactive management and analysis of security activity.
• Evaluate the operations and strategic plan to identify potential security and privacy requirements, challenges and concerns in order to proactively advise on security and privacy risks to be considered as part of planning.
• Submit tickets to the Service Desk describing security incidents with supporting information or evidence.
• Analyzes the current business and IT environment to detect critical deficiencies and recommend policies, procedures and systems to effect appropriate solutions for improvement.
• Conduct evaluations of IT risks and controls associated with infrastructure, and processes relating to PCI DSS, SOC II, ISO 27xxx, HIPAA, patch & vulnerability management, policy management, GRC tools.
• Facilitate resolution of IT audit, compliance, and information security-related issues and conduct periodic readiness testing of controls.
• Determines security risk and inefficiencies by conducting periodic audits and recommend procedures for mitigation.
• 2 years experience in in PCI DSS, SOC II, ISO 27xxx, HIPAA, patch & vulnerability management, policy management
• Experience working with GRC tools and general Infosec/IT Security
• Demonstrated strong knowledge of networks, desktops, servers, cloud and software as a service technology
• Knowledge of information risks and countermeasures
• Holdings one of the information security certificates (CISA, CISSP, ISO27001 or similar) is a plus