- ID: #23291043
- Job type: Permanent
- Salary: Depends on Experience
- Source: Stater Bros. Markets
- Date: 2021-11-05
- Deadline: 2022-01-03
Security and Compliance Analyst 3
California, San Bernardino, 92401 San Bernardino USA, Permanent
Vacancy expired!
- Support activities to strengthen the IT Security Program.
- Provide consultative direction to less experienced Security Analyst(s).
- Identify risks, evaluate deficiencies, and provide recommendations on remediation efforts.
- Ensure systems are in compliance with IT policies, standards, procedures and regulatory requirements.
- Responsible for identifying complex control gaps.
- Responsible for the assessment, verification, review and audit of computer controls across the enterprise.
- Work with IT leadership to mature the IT compliance framework and integrate it into the business culture.
- Participates in penetration testing and compliance audits of all enterprise systems.
- Ability to articulate ideas to both technical and non-technical audiences.
- Review and interpret evidence for vulnerabilities or control deficiencies; work with stakeholders for resolution.
- Identify, document and report risks associated with control failures and support finding mitigating controls.
- Perform other duties as required.
- High School Diploma or equivalent required.
- Bachelor’s degree in Information Technology preferred.
- 6+ years of experience evaluating compliance controls across security technologies and architecture.
- Demonstrated knowledge of evaluating risk assessments, vulnerability assessments, and penetration tests.
- Advanced knowledge of encryption, network security design, and security group configuration.
- Strong experience with preparing, planning, and coordinating execution of IT audit assessments.
- Strong experience performing multi-platform level audits based on predefined test plans and objectives.
- Strong knowledge of auditing tools such as RedSeal, Nipper, Rapid7 Nexpose, Qualys, or similar.
- Excellent planning, organizational, and project management skills.
- Experience with risk control frameworks: PCI, ISO, COBIT, COSO, and ITIL.
- Extensive experience with intrusion detection, data loss prevention, and identity management.
- Strong understanding of firewalls and network segregation for secure alcove design for PCI compliance.
- Experience with managing the execution of compliance activities within IT roadmaps and planning.
- Experience with change management methodologies and IT service management.
- CISA, CRISC, CISSP, or equivalent is required.
- CEH, CISM, or equivalent is highly desirable.