Back to Job Search

Information Security Analyst (Remote)

Posted about 1 month ago

Terrific Contract Opportunity!

Come work for one of the largest insurance companies in the U.S. and help people and businesses become smarter and better prepared to protect the things that matter most to them.

Position: Information Security Analyst (Remote)

Location: Woodland Hills, CA 91367

Term: 12 months

Day-to-Day Responsibilities:

  • Work with SOC reporting leads to identify, assess, document, and articulate all types of data security and data privacy risks in addition to appropriate countermeasures and controls to address data security and data privacy concerns, particularly according to SSAE 18 SOC reporting requirements.
  • Support completion of Shared Assessments Standardized Information Gathering Questionnaire.
  • Work with team to build a process to intake third party assessment requests from customers and business partners.
  • Design enhancements for internal controls such as segregation of duties, production change management, software management, security, incident handling, and transmission integrity.
  • Identify and document security control objectives that demonstrate how security is integrated within IT processes.
  • Design processes to ensure legal and regulatory security compliance requirements are met.
  • Interpret irregular and indeterminate patterns of noncompliance to determine their impact on levels of risk and overall effectiveness of the enterprise’s cybersecurity program.
  • Participate in audits of cyber programs and projects. Demonstrate ownership of assigned audit actions or regulator requests by diligently providing responses and evidence within established timeframes.
  • Build and manage relationships with a wide network of local business and IT front-line and senior stakeholders. Demonstrate the value of information technology (IT) security throughout all levels of the organization.
  • Influence business and IT teams to create innovative and sophisticated solutions to complex problems.
  • Create, review, and update security policies, procedures, standards and guidelines.
  • Lead creation of milestones and timelines for assigned security projects/initiatives.
  • Demonstrate ownership of assigned projects from initiation to completion.
  • Serve as an internal consultant in multiple areas of security expertise.
  • Drive medium-scale to enterprise-wide projects forward with minimal oversight.
  • Utilize security reporting data to recommend leading-edge solutions or policy changes.

 

Is this a good fit? (Requirements):

  • High school diploma or equivalentISACA Certified Information Systems Auditor (CISA) required or Any of the equivalents below:

o ISACA’s Certified in Risk and Information Systems Control (CRISC)

o ISACA’s Certified Information Security Manager (CISM)

o ISACA's Certified in the Governance of Enterprise IT (CGEIT)

o ISC2’s Certified Information Systems Security Professional (CISSP)

  • At least 3 years of external/internal audit experience or prior work experience with a consulting/auditing firm.
  • Strong familiarity with governance and controls frameworks, such as COBIT, COSO, ITIL, NIST, and ISO.
  • Specialist must have experience with SAS 70/SSAE 16/SSAE 18 SOC reporting, readiness assessments, or other commensurate IT Audit/Compliance experience to document controls, gather evidence, perform gap analysis, and drive gap remediation.
  • Direct knowledge of and exposure to SAS 70/SSAE 16/SSAE 18 SOC reporting.
  • Solid experience in testing, evaluating, and documenting controls for compliance.
  • Solid understanding of assessing and designing internal controls in an enterprise-level environment.
  • Strong project management skills.
  • PC skills and hands-on experience building tools and presentations with Microsoft Word, Excel, PowerPoint, Project, and Access.

 

Even better if you have:

  • Bachelor's degree in Information Systems or related discipline.
     

 

If this sounds like the perfect fit, apply today!