Back to Job Search

Security Analyst Coordinator

Posted 3 months ago

Are you a seasoned security analyst with enterprise level experience?  If so we have a contract to possible permanent opportunity in Birmingham that could use your expertise include project manangement. In this position you will support the Enterprise Security Strategies across the company and be the liaison with the holding company. Additionally you will support the Information Protection strategic project, which includes Data Loss Prevention (DLP) capabilities. Ensure the production environment remains SOX and PCI compliant based on the access controls, tools, policies, and procedures implemented. This is not a TECHNICAL role but more project management and coordination with teams sharing your knowledge.

SCOPE

  • Support the implementation and on-going support & administration of the Symantec DLP (Data Loss Protection) System environment
  • Support the implementation and on-going support & administration of DB2 Security & Configuration Management system
  • Assess procedures to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access, modification or destruction. Make improvement recommendations
  • Ensures compliance with organizational security rules and standards
  • Ensure compliance with internal application security controls
  • Conduct research to keep abreast of latest security issues
  • Prioritize remediation of gaps based on internal and external audits
  • Prepare security and compliance reports by collecting, analyzing, and summarizing data
  • Support SOX & PCI compliance through support of GPC Enterprise Security Strategy initiatives
  • Support SOX & PCI Compliance by review of key controls and monitoring
  • Support of SOX Audit and PCI by collecting and tracking requested evidence by Moore Colson and EY
  • Assist in planning and execution of vulnerability testing for application systems and the network environment
  • Assist in providing support of the enterprise vulnerability management program
  • Assist in providing support of the Security Operations Center (SOC)

Key Accountabilities:

  • Proactively work with the platform managers to resolve weaknesses and security incidents identified within the DLP system
  • Proactively work with the platform managers to resolve weaknesses in configuration and security definitions within the DB2 systems
  • Proactively review our environment to determine if there are any gaps in our SOX, PCI or security controls
  • Using installed tools and services identify security vulnerabilities
  • Take action to ensure reported vulnerabilities are remediated in a timely manner as approved by management
  • Work with other staff members as needed to remediate security weaknesses & vulnerabilities
  • Review DB2 changes to ensure security and configuration compliance
  • Review LAN/WAN changes submitted for update to the production environment
  • Review Application Changes to ensure a scan is performed when required
  • Ensures all policies are followed and proper documentation is on file
  • Provide system admin support for DB2 security & configuration system
  • Provide reports of weaknesses in configuration and security to the various platform managers for resolution
  • Research any issues that are raised during the various audits
  • Review and assist with user application security requests
  • Review controls to prevent service impacts cause by unauthorized access
  • Daily communication with all IT departments
  • Communication with management anytime a control exception or security incident is identified
  • Outstanding oral and written communication skills
  • Supports company safety and health programs
  • Have a clear understanding of emergency procedures and responsibilities
Education and Experience:
  • Ability to quickly understand security systems in order to identify and validate security requirements
  • Ability to interpret information security data and processes to identify potential compliance issues
  • Security knowledge of one or more of the following platforms: Windows/Linux
  • Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
  • Willingness to work outside of regular business hours as required which can include evenings, weekends, and holidays
  • Willing to share knowledge and assist others in understanding technical and business topics
  • Strong analytical, technical, and problem solving skills
  • 4-Year college degree required
  • Knowledgeable in the use of MS Office Software suite
  • Experience with DB2 environments preferred
  • Experience with DLP technologies strongly desired/preferred
  • Minimum of five (5) years of experience in information technology and at least two (2) years in information security and/or IT governance/compliance related roles