Senior Information Security Analyst
Senior Information Security Analyst
Monster is looking for a Senior Information Security Analyst to join our team! This position will focus on managing Information Security processes, controls and operations associated with monitoring, analysis, and responding to various types of security issues, both actual and potential, as well as the execution of security controls to prevent the exfiltration of company information and maintain the security of Monster data, customer information and overall environment. This role will focus specific domains of information security including incident response processes, understand the activities of Governance, Risk Management and Compliance (GRC), application security, operations, and development team’s ways of working.
This position will be responsible for coordinating the information collection and reporting activities required to successfully control instances of security incidents, social engineering, phishing, spoofing and other security related activity. In addition, this position will be responsible for assisting management with the development, implementation and execution of product development plans and technical solutions to address and resolve any security issues that have been identified or projected.
- Identify threats to services, systems, user experiences and user data and propose security control mitigations and defenses.
- Lead team discussions and processes related to analyze security, technology and operational risks and provide recommendations to enhance the security control procedures.
- Investigate and report instances related to security of services, systems and database, including but not limited to reported security incidents, event anomalies, phishing, spoof e-mailing and social engineering threats.
- Pro-actively identify, implement, and manage security controls to prevent and detect security risks
- Conduct application vulnerability tests against company properties.
- Assist with design and develop "Security by Design" processes, tools, and systems securing all services and systems in the environment.
- Implement Security Reviews in collaboration with applicable teams and stakeholders.
- Performs threat modeling, vulnerability analysis, penetration testing, code reviews, and SDLC support.
- Review and approve internal security-related requests.
- Assist with the development, implementation, and execution of strategies to pro-actively prevent and address fraud and compliance issues.
Knowledge and Skills:
- 8 + years of experience in Information Security or Information Technology, development, system or network administration with a security focus.
- Certifications: CISSP, CISM, GIAC or equivalent common body of knowledge experience.
- Have identified and communicated numerous security defects in services, products or processes.
- Experience with managing security incident response, vulnerability management secure development, risk management or overall information security management and operations processes
- Interact with cross-functional teams in a dynamic, customer-focused environment.
- Experience with cloud service providers (i.e. AWS, Google, Microsoft) and working in IaaS/PaaS/SaaS environments.
- Experience with various information security solution tool sets (i.e. IDS\IPS, log management\SIEM, secure development assessment tools, etc.)
You searched and didn’t find the right fit?
No problem. Join our talent community to stay connected.SEND US YOUR RESUME