Information Security Analyst

Description

 

Get to know Alorica!
At Alorica, we only do one thing – make lives better, one interaction at a time. We’re a global leader in customer service and experience and serve the world’s biggest brands with 92,000 employees in more than 150 locations around globe.
Working at Alorica means having the freedom to explore all kinds of career options – from customer service, training, and tech support, to management, recruiting and more. Whatever your passion, we’ve got a position that meets it! Alorica offers fun, challenging opportunities to pursue your professional goals, and we want you to have fun and succeed – because when you’re at your best, that’s when we’re at our best.
Job Summary 
Monitors, evaluates, and maintains risk related procedures, promotes risk policy awareness, and/or tracks and reports on risk compliance in line with established IT Control policies, processes and procedures to protect the data systems and databases from unauthorized users.  Identifies potential threats, records security violations and initiates response/resolution protocols.
 
Essential Duties & Responsibilities
 
• Administers, monitors, and maintains core information security tools including but not limited to Intrusion Detection and Prevention System (IDS/IPS), two factor authentication system, remote access, monitoring and Logging, anti-virus, encryption, SIEM, forensics.
• Collects and compiles metrics for IT and business reporting. Updates reporting decks for review by management and presentation to IT and firm wide leadership
• Tracks project activity and representation duties. Alternate InfoSec representative on company projects. Monitors project adherence to security baselines. Escalates variances to the attention of senior team members.
• Provides IT staff with advice on security architecture objectives and components. Represents Information Security on project teams to ensure compliance with policy and architectural objectives. Escalates non – compliance to senior team members for resolution.
• Provides Information Security policy awareness and consulting within the Information Security team and across IT.
• Maintains policy library. Tracks policy review according to defined schedule. Escalates concerns over policy review cycle including delays and needs for new policy documents. Researches, recommends, and implements changes to procedures and systems to enhance data systems security.
• Initial point of contract for vendor requests. Facilitates vendor visits, access requests, and collects sample data to support testing.
• Tracks request for contract reviews to ensure the proper resources are assigned and responses are returned within SLA
• Monitors, reviews, and coordinates efforts for ensuring adherence to regulatory and external requirements to provide input into audit and customer inquiries.
• Identifies communication requirements based on emerging issues and provides awareness input into annual training program. Provides ad – hoc security awareness advice across IT.
• Sends and receives Vendor Risk Assessment Questionnaires (VRAQs). Evaluates returns for accuracy and completeness, compiles answers and tracks documents in repository
• Monitors log files and Information Security Systems for threats/risks, vulnerabilities, viruses, and network hacks within the Company environment and generates tickets to address alarms  Monitors real-time policy based monitoring systems and responds to non-compliant activities, events, or notifications.
• Identifies potential threats and respond to security violations. Determines causes of security violations and recommends corrective actions to ensure data security. Manages incident reporting and tracking site and ensures investigations are assigned for review and closure.
• Tracks, analyzes, and reports the status of legal and regulatory compliance of Information Security policies, procedures, and configurations. Escalates findings for resolution. Maintains an awareness of regulatory and contractual compliance impacts within IT
• Reviews and resolves Help Desk trouble tickets. Escalates tickets as necessary to SMEs for resolution. Ensure tickets are being responded to in accordance with established service levels.
• Responsible for understanding and complying with all policies, procedures, and regulations relating to job duties.
• Perform other duties as assigned by management.

 

Qualifications

 

Qualifications & Requirements
Education: 
• Bachelor’s Degree in Computer Science, Business Administration or equivalent in relevant work experience.
 
Experience: 
• Three years of Information Technology experience and/or one to three years of compliance and auditing required.
• Five years of Information Technology experience and/or one to three years of compliance and auditing preferred.
• Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) or equivalent certification desired.
Knowledge, Skills, Abilities & Other Characteristics:
• Knowledge or experience complying with 1 to 3 of the following regulatory frameworks: Health Information Portability and Accessibility Act (HIPAA), Federal Information Security Management Act (FISMA), Sarbanes Oxley, or EU Data Privacy
• Knowledge or experience with 1 or more of the following security frameworks and reporting/assessment  methodologies: Payment Card Industry Data Security Standard (PCI DSS), ISO 27002, and Service Organization Controls (SOC 1/2) reporting
• Knowledge or experience with 1 or more of the following security disciplines: Strong Authentication, Access control, Network Security, Cryptography, Security policy and control development, forensics & investigations, or secure application development
• Knowledge or experience with security controls associated with at least 1 of the following Operating systems and utilities: UNIX, Linux, Windows, Active Directory, and Group Policies
• Proficient personal computer skills including Microsoft Office.
• Excellent interpersonal, written, and oral communication skills.
• Ability to prioritize and organize work in a multitasked environment.
• Ability to adapt to a flexible schedule.
• Ability to maintain the highest level of confidentiality.
Position Scope
• Supervisory/Management Responsibility: None
• Proficient in at least one security discipline.
• Proficient in at least one business discipline / functions.
• Relationships:
o Internal –
o External –
Work Environment
• Office environment.
• Ability to lift and/or move 20 pounds with or without accommodation.
Disclaimer
The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification.  It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Employer reserves the right to modify this job description, including by adding, removing, and altering job duties.

 

Job

: IT 

Primary Location

: United States-Florida-Plantation 

Schedule

: Full-time

Source:https://aloricajobs.taleo.net/careersection/nonstaff/jobdetail.ftl?job=116567&src=JB-10129