DaVinciTek Jobs
Jobs > Senior Information Technology Risk Analyst

Senior Information Technology Risk Analyst (closed)

Location New York, NY
Employment TypeFull Time
Job Description

Senior Information Technology Risk Analyst - Threat Detection and Management

Our large multi-national corporate client with a presence in over 60 countries is seeking to hire a Senior IT Risk Analyst to assist in the management of their global threat detection systems and policies.

The Sr. IT Risk Analyst for Threat Detection and Management is responsible for understanding cyber threats to the security of all information, networks and computer systems, including the protection of data from unauthorized use or access. This individual collaborates with IT management and company executives to assist with identification and understanding of risks to, and the effect on, business operations stemming from the current threat environment, with the objective of enabling resource decisions that serve threat-reduction business objectives. The individual also works across the global IT organization to drive risk identification and mitigation activities associated with cyber threats.

Responsibilities

Develop and maintain comprehensive approach to management of cyber threats, both external and internal, for both client-facing applications and network, and internal applications and networks.

  • Collaborate with Sr. Network Architect in selection and configuration of Intrusion Detection/Protection systems for protection of all global datacenters and networks
  • Ongoing management of IDS/IPS, including configuration, technology upgrades, interfaces with Managed Security Services, and interfaces to log management systems.
  • Develop and maintain comprehensive approach to log management, including collection (coherent with ongoing Managed Security Service log collection), recognizing requirements for threat discovery (e.g., access review), compliance reporting (access reporting controls), and retention
  • Develop and operate processes for client reporting on client-facing systems
  • Collaborate with Legal on retention requirements, and collaborate with team members responsible for development of log management and retention policies
  • Collaborate with Applications Development on development of logging features that allow for integration with other log management practices, and participate in development of related policies for application development.
  • Develop and maintain firewall management policies and controls in collaboration with team members responsible for all policies and controls on.
  • Conduct periodic rule and configuration reviews for firewalls, load balancers, and other devices and services that protect C&W?s network, workstations, servers, and installations.
  • Contribute to governance, and lead remediation of related risks, deficiencies, gaps, or issues.
  • Participate in security incident response and remediation as appropriate.
  • Support vulnerability assessments, both internal and external.
  • Use and contribute to use of company?s GRC system, when implemented.
  • Contribute, as a team member, to all other risk, security, and privacy initiatives and services as appropriate.
  • Work with auditors and vendors who support security and privacy maturity development, and with internal and external auditors.

 

Required Experience

  • Degree in computer science, engineering or related field
  • Certified Information Systems Security Professional (CISSP) required
  • 8 or more years? experience in IT Security positions with 2 or more years? experience in threat monitoring, detection, and remediation
  • Knowledge of IT processes and network management best practices
  • Excellent leadership and communication skills (verbal and written)
  • Ability to collaborate with business partners in setting business goals and objectives
  • Large multi-national company experience preferred
  • Exemplary networking and negotiation skills. Strong motivator and team player
  • Strong interpersonal skills and ability to work cross-functionally and across divisions with others
  • Knowledge of risk assessment methodologies, IT policies and standards, awareness and training. 
  • Knowledge of, and in depth experience with, more than one major IT discipline (e.g., distributed computing, networks, financial applications design and development, IT security and business recovery). 
  • Strong interpersonal and influencing skills. 
  • Ability to manage and analyze data. 
  • Experience raising awareness of security throughout an organization. 
  • Experience in the training of other IT Security professionals and non-IT related personnel
  • Strong teambuilding skills including promoting cooperation and good working relationships among peers and team members, remaining positive and supportive during change, and building rapport and trust with IT Risk stakeholders and other business partners. 
  • Strong problem solving and program execution skills. 
  • Experience with IT risk standards and industry best practice approaches, such as ISO 27001 / 2, CobiT, COSO, ITIL, etc.

 

 

Stay in touch with DaVinciTek

Silent Follow

Get job updates anonymously