DaVinciTek Jobs
Jobs > Senior Information Technology Risk Analyst

Senior Information Technology Risk Analyst (closed)

Location New York, NY
Salary/Pay Rate--
Employment TypeFull Time
Job Description

Responsibilities

Develop and maintain comprehensive approach to management of cyber threats, both external and internal, for both client-facing applications and network, and internal applications and networks.

  • Collaborate with Sr. Network      Architect in selection and configuration of Intrusion Detection/Protection      systems for protection of all global datacenters and networks
  • Ongoing management of IDS/IPS,      including configuration, technology upgrades, interfaces with Managed      Security Services, and interfaces to log management systems.
  • Develop and maintain      comprehensive approach to log management, including collection (coherent      with ongoing Managed Security Service log collection), recognizing      requirements for threat discovery (e.g., access review), compliance      reporting (access reporting controls), and retention
  • Develop and operate processes for      client reporting on client-facing systems
  • Collaborate with Legal on      retention requirements, and collaborate with team members responsible for      development of log management and retention policies
  • Collaborate with Applications      Development on development of logging features that allow for integration      with other log management practices, and participate in development of      related policies for application development.
  • Develop and maintain firewall      management policies and controls in collaboration with team members      responsible for all policies and controls on.
  • Conduct periodic rule and      configuration reviews for firewalls, load balancers, and other devices and      services that protect C&W’s network, workstations, servers, and      installations.
  • Contribute to governance, and      lead remediation of related risks, deficiencies, gaps, or issues.
  • Participate in security incident      response and remediation as appropriate.
  • Support vulnerability      assessments, both internal and external.
  • Use and contribute to use of      company’s GRC system, when implemented.
  • Contribute, as a team member, to      all other risk, security, and privacy initiatives and services as      appropriate.
  • Work with auditors and vendors      who support security and privacy maturity development, and with internal      and external auditors.

 

Required Experience

  • Degree in computer science,      engineering or related field
  • Certified Information Systems      Security Professional (CISSP) required
  • Symantec DLP (data loss prevention)
  • 8 or more years’ experience in IT      Security positions with 2 or more years’ experience in threat monitoring,      detection, and remediation
  • Knowledge of IT processes and network      management best practices Symantec
  • Excellent leadership and      communication skills (verbal and written)
  • Ability to collaborate with business      partners in setting business goals and objectives
  • Large multi-national company      experience preferred
  • Exemplary networking and      negotiation skills. Strong motivator and team player
  • Strong interpersonal skills and      ability to work cross-functionally and across divisions with others
  • Knowledge of risk assessment      methodologies, IT policies and standards, awareness and training. 
  • Knowledge of, and in depth      experience with, more than one major IT discipline (e.g., distributed      computing, networks, financial applications design and development, IT      security and business recovery). 
  • Strong interpersonal and      influencing skills. 
  • Ability to manage and analyze      data. 
  • Experience raising awareness of      security throughout an organization.      
  • Experience in the training of      other IT Security professionals and non-IT related personnel
  • Strong teambuilding skills      including promoting cooperation and good working relationships among peers      and team members, remaining positive and supportive during change, and      building rapport and trust with IT Risk stakeholders and other business      partners. 
  • Strong problem solving and      program execution skills. 
  • Experience with IT risk standards      and industry best practice approaches, such as ISO 27001 / 2, CobiT, COSO,      ITIL, etc.
Stay in touch with DaVinciTek

Silent Follow

Get job updates anonymously