Information Security Analyst
TrueAccord
What You'll Do:
- Hardening of technology, including software, hardware, and cloud services
- Support the enforcement and maturation of the vulnerability management program (detection, analysis, reporting, remediation assistance)
- Documenting security-related issues, initiatives, and rules
- Building and updating network and system diagrams
- Secure programming in a CI/CD environment
- Fully support the implementation of security safeguards that align with the business mission, goals, and objectives
- Maintain compliance through regular security-related audits of laws, certifications, and contracts
- Administration of various security tools, including anti-malware, SIEM, security scanners, and other technical controls
- Designing and tracking security metrics
- Incident Response
- Data Security Maturation
What We're Looking For:
- Technical Baccalaureate, Degree in Computer Science or equivalent, and 3+ years of experience in information security
- Strong knowledge of information security fundamentals; professional certifications such as CISSP, C|EH, or CompTIA CySA+ preferred
- Passionate about knowing the latest on trends and issues in the security industry, including new technologies
- Comfort with risk management frameworks and commercial certifications (PCI DSS, SOC 2, or ISO/IEC 27001)
- Technical knowledge of infrastructure, applications, and cloud security models
- Working knowledge of information security standards, rules, and regulations related to information security and data confidentiality
- Coding experience in Python and Linux shell scripting preferred
- Working knowledge of content trackers, ticketing systems, continuous integration and deployment technologies, and relevant cross-integrations
- Excellent written and verbal communication skills
Bonus Points:
- Existing knowledge of the TrueML environment and processes
- CIS Controls and Benchmark implementation and audit experience
- Knowledge of ISO/IEC 27001, PCI DSS, and SOC 2 requirements/auditing