The Information Security Analyst is a member of the Security Testing Team. The role’s overall responsibility is to coordinate and enhance the discovery of host vulnerabilities and issues, the distribution of those findings to the appropriate teams, and provide consultation services to facilitate remediation.
– Assist in the development and maintenance of various security testing services including vulnerability scanning, configuration assessments, and network segmentation assessments
– Provide consultation services and remediation guidance for identified issues
– Provide system administration support for vulnerability scanner technology
– Develop and enhance custom scripts to automate security testing processes (e.g., vulnerability scanning and reporting)
– Provide recommendations for vulnerability metrics and other operational and Executive data points
– Bachelors in Computer or Software Engineering, Computer Science, Information Management, Information Science or a related technical field preferred
– 2+ years of experience working in information security or information technology roles
– Experience designing and engineering operational processes
– Demonstrated ability to interact with business and technical audiences across all levels of an organization
– Strong time management skills and experience handling multiple initiatives with competing priorities
– Strong analytical and technical skills
– Experience working in a service-oriented information security or information technology group preferred
– In-depth knowledge of common internet protocols (e.g., DNS, HTTP)
– Security knowledge across multiple security domains and technologies (e.g., operating systems, databases, networking, applications, identity and access management)
– Strong knowledge of and experience working in Windows and Linux environments
– Experience working with APIs (e.g., SOAP, RESTful)
– Experience working with common data formats (e.g., CSV, XML, JSON, Syslog, CEF)
– Ability to develop custom ETL and reporting scripts using common data querying languages/tools (e.g., Regular Expressions, XPath, XQuery, SQL, grep)
– Ability to develop custom scripts using common scripting languages (e.g., Python, PowerShell, VBA)
– Experience performing security testing activities (e.g., application assessments, penetration testing, vulnerability assessments) preferred
– Experience programming in object-oriented languages (e.g., C++, C#, Java) preferred
– Possession of industry certifications highly preferred including, but not limited to, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Web Application Penetration Testing (GWAPT), GIAC Network Penetration Testing (GPEN), Certified Ethical Hacker (CEH), and Offensive Security Certified Professional (OSCP)
We are an EOE F/M/D/V.
Global Payments, Inc. provides equal employment opportunities to all employees and applicants for employment without regard to race, color creed, religion, sex, national origin, age, citizenship, disability, veteran status or any other protected status. Those applicants requiring reasonable accommodation to the application and/or interview process should notify a representative of the Human Resources Department.
Disclaimer: The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of responsibilities, duties and skills required.