Information Security Analyst III

Contract: Corp-To-Corp, Direct Hire

  • No Travel Required

Job Description

Job Title: Information Security Analyst III

Job Location: Saint Louis, MO

Responsibilities:

  • Assess and document security controls and vulnerabilities for data and user access across all organazation systems. Plan for mitigation and improvements utilizing best practices and current standards.
  • Monitor change control systems for system and network modifications and ensure they meet and maintain security standards.
  • Perform basic computer forensics as needed.
  • Evaluate, implement and maintain vendor supplied security hardware components & software packages
  • Perform diagnostics for security problems and identify and analyze security risks.
  • Coordination of security assessments with internal audit and external vendors.
  • Identify and investigate security breaches and fraudulent activity within organazation systems.
  • Develop, maintain and manage PCI compliance program and other security initiatives. Develop project plans and execute efforts as necessary.
  • Develop security awareness and training programs for IT and employees who work with sensitive data.
  • Assist in the creation and management of IT Security and PCI Compliance policies, standards, procedures, and guidelines
  • Work with confidential information obtained through security scans and assessments of organazation systems.
  • Report status and progress on efforts to management as necessary.
  • Other related security duties as assigned
Knowledge, Skills, & Abilities:
  • Knowledgeable with PCI Compliance standards and assessments
  • Familiarity with network and application security including firewalls, VLANs, routers, switches, Linux and Microsoft Windows and VMware operating systems, Oracle and Microsoft SQL Server databases, ecommerce, PCs
  • Key understanding of core Information Security Areas (ID & ACCESS Management, Threat & Vulnerability Management, Information Risk & Gover
  • nance, Network and Application Architecture, Incident Response, Security Strategy).
  • Hands-on experience with designing, implementing and managing a enterprise-wide security program.
  • Seven+ years of experience in Information Technology. At least 4 years' work experience in security systems and PCI compliance management.
  • Completion of one of the following recognized professional certifications: QSA (Qualified Security Assessor), CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), SSCP (Systems Security Certified Practitioner), Certified Ethical Hacker (CEH)
Education:
B.A./B.S. or equivalent experience required. MS preferred.
Field: Computer Science or related field