Datum job openings in IT

EMPLOYMENT DETAIL

We provide highly competitive benefits, flexible contracting, opportunities for growth and a dedication to employee satisfaction.

Back to job list

Security Risk & Compliance Analyst

 
Location: Naperville, Illinois
ID Number: #SCS2009678 

Security Risk & Compliance Analyst

 

Description

JOB SUMMARY

Purpose:  This position supports the company's information security program to ensure the company’s information assets are adequately protected. The incumbent will collaborate with gas utility and commercial business units to define and implement business security requirements and goals, and to identify and resolve business security issues.  The position also supports information security compliance programs in response to regulations such as TSA, CFATS, FACTA, NIST, PCI, as well as other state, local, and federal security requirements.

JOB QUALIFICATIONS 

Education / Experience:       

  • Possess a broad-based and in-depth knowledge of information security methodologies, tools, technologies and best practices and how they relate to the organization
  • Ability to understand technical information security issues/concepts and bring to senior management in an understandable manner
  • Strong risk assessment skills required in order to adequately convey and remediate information security risks
  • Ability to move security initiatives forward while producing a culture of help and assistance and not roadblocks.
  • 3+ year IT security experience
  • Strong knowledge of networking technologies (TCP/IP, HTTP, SMTP, etc.)
  • Strong knowledge of web application vulnerabilities and solutions
  • Strong knowledge of Unix & Linux operating systems
  • Strong knowledge of the functions of various security infrastructure, including firewalls, Intrusion Prevention Systems, Proxy Servers, Security Event Managers, VPNs
  • Strong knowledge of web application technologies (HTML, JavaScript, etc.)
  • Ability to identify vulnerabilities in networks, systems and applications using COTS tools and manual processes
  • General knowledge of network and systems forensics
  • In depth knowledge of incident response processes and procedures
  • General knowledge of threat intelligence
  • A bachelor’s degree in Engineering, Computer Science or related field
  • Industry certifications highly preferred (CISSP, CISA, CISM, GIAC)
  • Valid state driver’s license

JOB RESPONSIBILITIES    

  • Serves as subject matter expert in specialized aspects of information security and emerging and advanced technologies 
  • Supports enterprise in all aspects of information security administration
  • Will be trusted to handle confidential situations and data and conduct investigations and analysis
  • Consults with IT and business units on the purchase and/or design of information security projects, emerging technologies, or technology-related services before they are implemented
  • Analyzes business data use processes against vulnerabilities and threats and counsels business units on consequences
  • Collaborates with cross-functional teams responsible for information systems security to ensure the confidentiality, integrity, and availability of data stored, processed and transmitted
  • Engages with operating, storage, regulatory, engineering, HR, legal, and training units to evaluate and implement security process for critical infrastructure and key resources
  • Audit’s business unit security activities to ensure compliance with all corporate information security policies and procedures
  • Establishes and executes program updates as necessary to adapt to the changing terrorist threat as well as local, state, and federal security requirements
  • Work with IT and business units across Southern Company Gas to deliver on business requirements, especially as they pertain to cyber security and compliance risk and mitigation
  • Assists with reviewing existing tools, applications, and processes to optimize current security capabilities, as well as identifying any gaps or technical solutions to further enhance the team's effectiveness
  • Influence’s business partners to achieve compliance, identifies compliance initiatives, and promotes appropriate security policies
  • Review’s security events for anomalous activity, collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats
  • Leads the exploration of practical security solutions to address emerging threats and compliance requirements, including design and implementation of recommended solutions

ADDITIONAL DETAILS

  • Must be able to pass reoccurring background requirements
  • This position is a member of Company’s Insider Threat Program
  • Must be eligible to obtain US Government clearance
  • This position requires frequent (up to 10%) travel to office locations. Overnight travel is expected.

“All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.”

Recruiter
Hi I'm
Christopher Yates
Interested in this job?
Act now!
  • Max. file size: 2 MB.
  • Equal Opportunity Employer

  • Hidden
  • Hidden