Information Security Analyst
- Recruiter
- UPS
- Location
- Mahwah
- Salary
- Competitive
- Posted
- 18 May 2022
- Closes
- 24 May 2022
- Job Type
- Information Security
- Employer Sector
- Technology, IT & Telecoms
- Contract Type
- Permanent
- Hours
- Full Time
CVD – Information Security Analyst
We're the obstacle overcomers, the problem get–arounders. From figuring it out to getting it done??? our innovative culture demands "yes and how!" We are UPS. We are the United Problem Solvers.
About Information Security at UPS Technology:
Our top–notch Information Security team quickly finds and responds to real time threats. These critical–thinkers have a hunger to keep ahead of new exploits and security trends. As a part of UPS InfoSec, you'll continue to uphold our reputation for integrity in this growing and ever–changing field.
About this role:
The Information Security Analyst participates in the identification, tracking, and monitoring of information security findings to ensure enterprise integrity against technical and physical risks. He/She conducts quality management reviews to evaluate the effectiveness of security controls. This position reports on the controls effectiveness for mitigating exposure to identified risks. He/She communicates security issues and control gaps through security governance processes. This position communicates, implements, and integrates risk management procedures across the enterprise. He/She participates in the development and maintenance of business continuity planning, data, systems, and network security for systems and controls related to their job duties.
Responsibilities:
IT Governance and Compliance
- Support IT compliance programs to ensure alignment with UPS organizational, regulatory, and risk obligations
- Monitor IT compliance with the organization's policies and procedures
- Monitor IT compliance with existing Federal, State and Local regulatory requirements
- Maintain information security and compliance metrics that are meaningful and actionable
- Ensure that reports, trackers, and visibility dashboards reflect the true state of compliance, for various audiences
IT Audit and Assurance
- Perform daily audit–related operational activities
- Work with business partners to track/manage remediation of control deficiencies identified during audits and compliance assessments
- Examination of internal controls to determine design and operational effectiveness
- Analysis and interpretation of regulatory compliance requirements
- Identify opportunities and make recommendations to improve the efficiency and effectiveness of IT internal controls and operating processes
- Perform compliance reviews of various applications and infrastructure
Minimum Qualifications:
- Experience with Information Security Controls, Regulatory Compliance PCI, Regulatory Compliance SOX, and Information Security Controls
- Knowledge of Data Analysis and Workflow Analysis
- Familiarity with Cloud Platform Security, Information Security Controls Assessment, and Information Security Project Management
- Exhibit a high–level of attention to detail, possess the ability to multi–task and adjust to shifting priorities
- Strong process analysis and implementation skills
- Experience with data handling and manipulation to support analytics and meaningful insights
- Ability to maintain documentation, manuals, produce reports and visibility
- Excellent interpersonal skills, oral and written communication skills, as well as strong organizational and planning skills
- Bachelor's degree in Computer Science, Information Technology, or related discipline
Preferred Qualifications:
- 1 year experience in an Information Security role, with specific experience in IT compliance/IT audit
- CISA/CRISC/CISM/CISSP or related security certification
- Experience and knowledge of IT Regulatory Compliance (PCI/SOX/CRAF) and IT Standards Compliance
- Security controls knowledge and experience meeting regulatory requirements through security controls on premise and cloud
- Knowledge of Cloud Platforms (such as GCP, AWS, Azure) and the Cloud Shared responsibility model
- Familiarity with a Governance, Risk and Compliance (GRC) tool (such as OneTrust) a plus
- Scripting/coding/programming ability (such as via Powershell, SQL, Python, R) a plus
- Visibility dashboard development experience (via a tool such as Power BI or Tableau) a plus
This position offers an exceptional opportunity to work for a Fortune 50 industry leader. If you are selected, you will join our dynamic technology team in making a difference to our business and customers. Do you think you have what it takes? Prove it! At UPS, ambition knows no time zone.
UPS is an equal opportunity employer. UPS does not discriminate on the basis of race/color/religion/sex/national origin/veteran/disability/age/sexual orientation/gender identity or any other characteristic protected by law