Sr. Security Analyst

Every year, nearly 200 million travelers trust our client to get them where they're going. Take your career to new heights by working for this longstanding leader in air travel that services more worldwide destinations than any other airline.

Our client is hiring a Sr. Security Analyst to join their team, hybrid in Atlanta, GA.

Contract Duration:12 Months on W2, eligible for full benefits, potential to extend

Required Skills & Experience

• 6+ years experience required.
• BS/BA degree with three (3) or more years of relevant experience in related field or any combination or equivalent EDUCATION / PERSONA, experience, and formal training that allows the candidate to meet the requirements of the job.
• Deep understanding of NIST 800-171 and NIST 800-53 controls and compliance requirements.
• Prior experience with U.S. Government IT compliance requirements - in particular Cybersecurity Maturity Model Certification (CMMC).
• Solid understanding of government Information Security regulations, pertinent control frameworks, and required compliance documentation. Experience in developing and maintaining System Security Plans (SSPs).
• Strong written and verbal communication skills across multiple channels and organizational levels and the ability to research and interpret regulatory requirements, providing concise summaries to business partners and to senior leadership. Skilled in drafting and interpreting policies and procedures.
• Practical audit and control testing experience with the ability to manage projects and drive actions across functional areas.
• Ideal candidate will possess all of the above plus airline industry experience, broad range of exposure to business planning, systems analysis, and/or application development.
• Experience in data administration and security methods, plus experience in various database design techniques; familiarity with multi-platform environments, and IT auditing.
• Communication Skills - The ability to communicate verbally and in writing with all levels of employees and management, capable of successful formal and informal communication, speaks and writes clearly and understandably at the right level.
• Integrity and Trust - Involves being widely trusted, being seen as a direct, truthful individual, can present the unvarnished truth in an appropriate and helpful manner, keeps confidences, admits mistakes, and doesn't misrepresent him/herself for personal gain.
• Teamwork - Involves working well in a collaborative setting, supporting work team by volunteering for and completing assignments, acting as a positive team member by contributing to discussions, developing and maintaining both formal and informal relationships enterprise-wide, defines success in terms of the entire team through mentoring and knowledge transfer.
• Technical Expertise - Involves demonstrating a commitment to increasing knowledge and skills in current technical/functional area, keeping up to date on technical developments, staying informed as to industry practices, knowing how to apply relevant technical processes to appropriate business needs.
• Dedication - Involves demonstrating a desire to dedicate time and energy to accomplish goals, tasks, assignments, etc. Will do what it takes to get things done.
• Functional Expertise - Involves demonstrating knowledge of policies, general practices, procedures, etc. relevant for the area in which he/she works.
• Interpersonal Skills - The ability to successfully, professionally, and diplomatically interact with others and develop relationships with people who have widely varying styles, levels in the organization, and knowledge of IT.
• Problem Solving - Uses rigorous logic and methods to solve difficult problems with effective solutions, probes all fruitful sources for answers, can see hidden problems, is excellent at honest analysis, looks beyond the obvious and doesn't stop at the first answer.
• Task Management - Delivers quality work on time, translates planning into action by following applicable established procedures or methodologies, proactively monitors and controls task status by collecting and analyzing task data to anticipate and address barriers, appropriately communicates and resolves or escalates any problems that arise.

What You Will Be Doing

Daily Responsibilities

• Responsible for analyzing the information security environment and assisting with the development of security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure.
• Work with management, development personnel, risk staff, auditors, facilities, and security department personnel to identify and implement security plans to ensure that all information assets are appropriately safeguarded, including the following:, software applications, hardware, telecommunications, and computer installations.
• Determine methods of implementing and enforcing security policies.
• Responsible for maintaining a high level of user trust and confidence in the group's knowledge of and concern for security of systems, while working on multiple network security projects.
• Lead development of information security technology tasks and projects. 4
• Ability to communicate with all levels of management.
• Generate, coordinate, and maintain of project plans.
• Develops cost analysis estimates for information security tasks and projects.
• Keep project plans updated as required. Interact with customers as required by project objectives.
• Understanding of business process as it relates to information security.
• Define, redesign, and document security processes and procedures.
• Coordinate the development and delivery of awareness for information security.
• Work with resource owners to determine appropriate security policies for securable resources.
• Consult with IT staff to evaluate, select, install, and configure hardware and software systems that provide appropriate security functions.
• Assist resource owners in understanding and responding to security failures/problems.
• Assist in determining cause of security related events and identify potential security related events.
• Communicate to appropriate personnel on normal and exception processing of security authorization requests and/or breaches.
• Assist with documentation of security policies; maintain resource classification, may be required to present on security status, project status, and security training to management and IT personnel as needed.
• Assist in proactively protecting the integrity, confidentiality, and availability of information in the custody of or processed by the company.
• Consult with business units to ensure selection and use of realistic enforcement mechanisms.
• Aid in review of security policies and auditing of logs.
• Assist in developing and maintaining effective disaster recovery plans, processes, and procedures.
• Assist in Research, evaluate, design, test, recommend, and plan implementation of new or improved information security research, evaluate, design, test, recommend, and plan implementation of new or improved information security technology.
• Train information owners in the implementation of necessary computer security controls.
• *May perform other duties as assigned.