Sr Security Analyst

Overview

On Site
$120000 - $130000 per annum
Full Time


Job Details






The Sr. Security Analyst is a key leadership position within the organization, providing expert consultation within the security realm. This will include security training, policy development, risk management, and vendor management. This role requires a proactive approach to leadership, overseeing team members, mentoring colleagues, and fostering growth within the team. The Sr. Security Analyst must have a strong understanding of internal systems and their impacts on projects, systems, and overall business operations. Additionally, this role plays a pivotal part in IT Governance, Risk, and Compliance, leading risk assessments, security impact evaluations, and control assessments for the organization and third-party vendors.

Essential Functions

Oversee and mentor team members, fostering professional development and knowledge-sharing across the organization.

Lead and collaborate on the planning and execution of assessments, audits, and policy development initiatives.

Strengthen the overall security posture of the organization and its partners.

Demonstrate expertise in IT Management and collaboration with Managed Security Service Providers (MSSPs) for SOC support.

Conduct thorough risk analyses, design remediation plans, produce detailed reporting, and identify/implement compensating controls.

Maintain comprehensive knowledge of policies (new and legacy), standards, and their integration with applicable systems.

Provide consultation on the design or modification of software, networks, hardware, and operations to ensure alignment with security best practices.

Evaluate and ensure proper documentation of policies, procedures, standards, and operational tracking to meet organizational or regulatory requirements.

Recommend, plan, and occasionally sponsor projects to achieve and maintain compliance with relevant security frameworks and standards.

Oversee the execution of corporate Quarterly Access Reviews using Identity and Access Management (IAM) tools.

Demonstrate advanced expertise in Security Information and Event Management (SIEM) and reporting dashboards.

Recommend and assess system enhancements and innovative security solutions.

Act as a security and risk advocate, providing expert advice and guidance across the organization.

Adopt a culture of continuous improvement and collaboration within the team.

Education and Experience

Experience:

o Minimum of five years of progressive experience in Information Technology, with a specialization in Governance, Risk, and Compliance, including leadership in IT compliance, risk management, and audit initiatives.

o At least two years facilitating audit engagements to ensure compliance and operational excellence.

o Proven expertise in IT risk management, with three years of experience identifying, assessing, and mitigating risks through evaluations and strategic consulting.

o Hands-on experience in IT infrastructure, including network topology, Microsoft operating systems, patching, change management, and Active Directory.

o Over three years of experience in control monitoring, reporting, and automation of validation processes to enhance compliance operations.

o Proficiency in managing and evidencing controls within hybrid cloud environments, including SaaS, PaaS, IaaS, and traditional data centers.

Frameworks and Standards:

o In-depth knowledge and application of NIST, ISO, and other key risk and control frameworks in cyber strategy development and implementation.

Tools and Technologies:



o Strong working experience with Microsoft Defender, Intune, Active Directory, SentinelOne, IronScales, Sumo Logic, Rapid7, Cybercast (Program Maturity), Qualys, Nessus, and Azure environments.


Education and Certification:

o Bachelor's degree in Information Technology, Information Assurance, Business Administration, Accounting, or a related field.

o Industry-recognized certifications preferred, such as CISM, CISA, or equivalent.

Key Attributes

Extensive understanding of IT governance, risk, and compliance principles, utilizing cutting-edge technologies and practices to drive success.

Strong ability to execute access validation processes, ensuring the integrity and security of systems.

Exceptional leadership skills, with the ability to oversee and mentor team members, providing guidance, support, and professional development opportunities.

A collaborative mindset, fostering teamwork and continuous improvement across the organization.

Advanced analytical, strategic, and leadership capabilities focused on elevating organizational cybersecurity and compliance.
