Senior Information Security AnalystCompany: ConfidentialLocation: Portland, ORWe’ve been retained by a company that for nearly 100 years has quietly earned a reputation for service, financial strength and product quality. Today they are one of the nation’s most highly regarded providers of group disability, life and dental insurance, retirement plans, investment advice, individual disability insurance and annuities.The successful candidate will collaboratively and proactively: Delivers services that protect the confidentiality, integrity, and availability of information through a comprehensive Information Security Program. Consults on information assurance for our lines of business to successfully acheive their strategic goals with the confidence of security in the design, development, and operation of reliable, secure practices that conform to generally accepted practices and current legislation or regulations. Responsibilities: • Consulting – Leads effort to identify opportunities for providing Information Security consulting services to the Company. Provide project compliance certification in the area of Information Security. Initiates inter-organizational relationships that facilitate communications and awareness of Information Security activities. • Risk Management and Controls – Leads risk assessment of environment and recommend appropriate controls to mitigate identified risks. Proactively verify appropriate controls are implemented and tested. Assist with the completion of risk exception requests and identification of appropriate alternatives is possible. Track risk exceptions and provide risk gap analysis for the enterprise.• Awareness – Lead Information Security Awareness activities within the organization. Provide education to management and staff of security standards and practices. Identify new methods of communication to communicate Information Security’s goals and objectives. • Policies and Standards – Develop, maintain, and review Information Security policies and standards to safeguard the Company’s information assets. Identify policy gaps through metrics and identify mitigation alternatives.• Planning and Incident Response – Participate as a member of Information Security team, providing pertinent security information and input to strategic and tactical planning. Act as a member of the security incident response team.• Vulnerability Monitoring and Threat Assessment – Prevent, detect, and correct vulnerabilities and threats to the Company’s information assets. Make recommendations to management to enact precautions or remediation, or both, to correct identified vulnerabilities.• Professional Development – Regularly attend conferences, professional association meetings, and technical symposia to maintain awareness of the latest information security technological developments. This includes participation in appropriate security organizations including speaking engagements, authoring articles or other activities that demonstrate industry leadership. Qualifications: • Bachelor Degree or equivalent work experience. A minimum of 10 years progressively responsible work experience including hands-on experience in analysis of information systems, with a minimum of 7 years of experience related to information security. • Lead and facilitate work teams in a high performance environment. Understand how people, processes, and technology impact and contribute to a successful Information Security program. Strong interpersonal skills and the ability to work successfully with both business and technology teams to identify requirements and control objects for secure environment. Provide mentorship to other members of the Information Security team.• Ability to express ideas clearly in both written and verbal communication; plan and organize own work; provide (24×7) on-call support; quickly learn and apply new technologies; lead technical project teams; plan and manage technical projects; identify and apply technical solutions to business problems and opportunities; evaluate and recommend business security models and applications for their fit with Standard’s strategic computing environment and direction; develop appropriate security architecture documentation.• Working knowledge of Information Security core principles as identified in the CBK as published by the (ISC)2. New concepts and developing advancements in the Information Security field and methodologies.• Advanced knowledge of best and industry specific Information Security practices; implications of Information Security and control design for all platforms used at the company; data analysis practices • CISSP and CISA certifications strongly preferred.Contact Information:Vince AmelaRecruiterGenerator Group, LLCvince@generatorgroup.net Related content feature What it takes to be a malware analyst The proliferation of ransomware and other attacks has increased demand for experts who can analyze how the software works and devise a response. By Bob Violino Jun 15, 2017 7 mins Careers IT Leadership Security news New CISO Chris McDaniels to help drive Mosaic451’s cybersecurity practice The US Air Force veteran brings deep experience in cyber defense and emergency response. By Michael Nadeau May 23, 2017 2 mins IT Leadership Security news Veristor hires Jackie Groark as director, security/CISO Groark, an expert in threat detection and intelligence, will lead the company’s security practice. By Michael Nadeau May 17, 2017 2 mins IT Leadership Security news BJC names Matthew Modica as its first chief information security officer Modica will be responsible for all levels of security, from operations to IT to facilities. By Michael Nadeau May 15, 2017 1 min IT Leadership Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe