Information Security Analyst - Columbus, OH
Work Location: On-Site Full-Time
Start Date: August 2024
Rate: Not Defined / need Candidate’s requested rate
Hours: 40 hours full-time
US Citizenship Required

Position Details:

Responsibilities:
• Provide daily operational support to end users with Information Security concerns/questions.
• Monitor and respond to security system alerts and notifications. Investigate/escalate security incidents. Assist with security related issues.
• Enforce security policies and procedures by administering and monitoring appropriate systems, events, answering concerns/questions and providing training for the organization.
• Assist in the monitoring and auditing of the join, move, leave process and other identity and access management activities.
• Create, develop and maintain organized documentation of Security products including specific tools, technologies and processes, and security procedures for the organization
• Ensure the safety of information systems assets and protect systems from unauthorized access by performing system access reviews (for internal applications and Cloud services) and documenting any findings.
• Perform information security risk assessments on products, processes, vendors, and systems with consideration of good security best practices and the Company’s overall risk appetite
• Test & evaluate security controls across the environment
• Document and manage security exceptions, violations, incidents and other risk concerns to closure.
• Actively monitor new and emerging security related technologies, trends, issues, and solutions and assess their applicability. Make recommendations for preventive measures as necessary.

Qualifications:
• 2-5+ years of experience in a security compliance role leading technical security and privacy compliance audits and assessments to include SOC, or PCI-DSS
• Experience with cloud-based concepts; as well as development and auditing of controls preferably AWS and Azure
• Experienced at assessing enterprise SaaS and cloud offerings, including various infrastructure platforms such as Linux, Windows, SQL Server, Oracle
• Knowledge of key technical concepts such as network design, cloud platform architecture, and experience with and understanding of information security governance programs and control framework concepts, particularly the NIST Cybersecurity Framework
• Knowledge of information security best practices, frameworks, regulations, and regulatory trends
• Experience with Microsoft Office, various GRC, control monitoring and cybersecurity tools

Interested parties that meet or exceed the requested qualifications, please send a detailed resume and rate expectation to Erika Roden at ENR@BCPEngineers.com