Sr Information Security Analyst (Governance, Risk, and Compliance)

Sr Information Security Analyst (Governance, Risk, and Compliance)

100% Remote

Contract to Hire

Full-time o

Travel Requirements: no

Job Description:

AgreeYa is a global Systems Integrator and is seeking a Sr Information Security Analyst.  The Sr Information Security Analyst is responsible that person will be working on 3rd party vendor risk management, risk assessments. They will work with other units performing risk reviews, evolving and maintaining enterprise processes with multiple platforms of assessment: Cloud, On-Premis, Networking, Infrastructure, and a variety of applications.

Candidates must be able to be a part of the entire process lifecycle. Must work autonomously, with little direction and hit the ground running. There are a number of high priorities in this group right now, so being able to take immediate direction and perform is critical.

Job Responsibilities

Act as a subject matter expert and technical leader concerning complex information security technology, topics and issues. Responsible for technical and specialized duties in the areas of security framework, architecture design, risk management, incident management, vulnerability management, information security program and technology implementations, with the goal of improving the overall security posture of the organization.

Required Skills & Experience

• Provide subject matter expertise in defining, evaluating and recommending/implementing information security controls and technology to ensure the protection of the organization’s assets
• Lead the security architecture and technology design, identify gaps, recommend security enhancements and lead efforts to ensure security requirements are integrated and implemented
• Partner with the Architecture, Infrastructure and Technology teams to review existing architecture, identify gaps, and recommend security enhancements
• Assist in defining architectural and technology standards that impacts the security of systems and data
• Develops, validates, maintains and implements information security policies, standards, guidelines and procedures to ensure compliance with the Information Security Program
• Lead detailed risk analysis and risk assessment to identify, mitigate and control risks to infrastructure, information systems and data; advocate security and risk management to key stakeholders in order to balance security and business needs
• Lead third party evaluation to ensure that their technology environment appropriately protects shared data, that contracts have the appropriate security requirements, and that those requirements are met through regular audits and assessments
• Monitors changes in current threats and looks at trends for future threat analysis in order to proactively plan and design the environment to protect against current and future threats
• Bachelor’s Degree in Computer Science or related field or equivalent experience

Preferred Skills & Experience / Job Specifications

• Typically has the following skills or abilities:
• Minimum 6 years of hands-on technical information security experience
• Expert level knowledge of security principles and technologies
• Hands-on experience designing and implementing a variety of security solutions and technologies across multiple disciplines
• Broad experience with risk and threat assessment methodologies
• Proven ability to weigh business needs against risk concerns and articulate issues to business leaders
• Extensive experience implementing security controls to comply with various IT regulatory compliance requirements such as HIPAA and PCI as well as various standards including ISO 27001
• Strong, proven skills and ability to identify and analyse security vulnerabilities
• Experience performing network and application security penetration testing and/or vulnerability management, interpreting results and remediating findings
• Ability to interact with personnel at all levels of the organization and interpret complex business initiatives
• Ability to analyze various complex issues, projects, technologies and solutions
• Ability to regularly exercise discretion and independent judgment in the performance of his/her job duties.

Education

Bachelor’s Degree in Computer Science or related field or equivalent experience

About Us:

AgreeYa is a global systems integrator delivering competitive advantage for its customers through software, solutions, and services. Established in 1999, AgreeYa is headquartered in Folsom, California, with a global footprint and a team of more than 1,850 staff across offices. AgreeYa works with 500 organizations ranging from Fortune 100 firms to small and large businesses across industries such as Telecom, Banking, Financial Services & Insurance, Healthcare, Utility & Energy, Technology, Public sector, Pharma & Biotech, and others. Please visit us at ;/a> for more information.

AgreeYa is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, gender identity, sexual orientation, national origin, disability, veteran status or other protected characteristics. Visit our website to learn about our Career & Culture.