• United States



Job Post: Sr. Infosecurity Analyst

Jul 02, 20074 mins
Core Java

Senior Information Security AnalystCompany: ConfidentialLocation: Portland, OR

We’ve been retained by a company that for nearly 100 years has quietly earned a reputation for service, financial strength and product quality. Today they are one of the nation’s most highly regarded providers of group disability, life and dental insurance, retirement plans, investment advice, individual disability insurance and annuities.

The successful candidate will collaboratively and proactively: Delivers services that protect the confidentiality, integrity, and availability of information through a comprehensive Information Security Program. Consults on information assurance for our lines of business to successfully acheive their strategic goals with the confidence of security in the design, development, and operation of reliable, secure practices that conform to generally accepted practices and current legislation or regulations.  Responsibilities: 

• Consulting – Leads effort to identify opportunities for providing Information Security consulting services to the Company. Provide project compliance certification in the area of Information Security. Initiates inter-organizational relationships that facilitate communications and awareness of Information Security activities.

• Risk Management and Controls – Leads risk assessment of environment and recommend appropriate controls to mitigate identified risks. Proactively verify appropriate controls are implemented and tested. Assist with the completion of risk exception requests and identification of appropriate alternatives is possible. Track risk exceptions and provide risk gap analysis for the enterprise.

• Awareness – Lead Information Security Awareness activities within the organization. Provide education to management and staff of security standards and practices. Identify new methods of communication to communicate Information Security’s goals and objectives.

• Policies and Standards – Develop, maintain, and review Information Security policies and standards to safeguard the Company’s information assets. Identify policy gaps through metrics and identify mitigation alternatives.

• Planning and Incident Response – Participate as a member of Information Security team, providing pertinent security information and input to strategic and tactical planning. Act as a member of the security incident response team.

• Vulnerability Monitoring and Threat Assessment – Prevent, detect, and correct vulnerabilities and threats to the Company’s information assets. Make recommendations to management to enact precautions or remediation, or both, to correct identified vulnerabilities.

• Professional Development – Regularly attend conferences, professional association meetings, and technical symposia to maintain awareness of the latest information security technological developments. This includes participation in appropriate security organizations including speaking engagements, authoring articles or other activities that demonstrate industry leadership.


• Bachelor Degree or equivalent work experience. A minimum of 10 years progressively responsible work experience including hands-on experience in analysis of information systems, with a minimum of 7 years of experience related to information security.

• Lead and facilitate work teams in a high performance environment. Understand how people, processes, and technology impact and contribute to a successful Information Security program. Strong interpersonal skills and the ability to work successfully with both business and technology teams to identify requirements and control objects for secure environment. Provide mentorship to other members of the Information Security team.

• Ability to express ideas clearly in both written and verbal communication; plan and organize own work; provide (24×7) on-call support; quickly learn and apply new technologies; lead technical project teams; plan and manage technical projects; identify and apply technical solutions to business problems and opportunities; evaluate and recommend business security models and applications for their fit with Standard’s strategic computing environment and direction; develop appropriate security architecture documentation.

• Working knowledge of Information Security core principles as identified in the CBK as published by the (ISC)2. New concepts and developing advancements in the Information Security field and methodologies.

• Advanced knowledge of best and industry specific Information Security practices; implications of Information Security and control design for all platforms used at the company; data analysis practices

• CISSP and CISA certifications strongly preferred.

Contact Information:Vince AmelaRecruiterGenerator Group,