IT Security Analyst (Contract/Temporary)
US-MO-Saint Louis
Corporate TKC
Req #: 38641
Type: Temporary
|
|
|||||||||
|
||||||||||
Overview: Are you looking for a career with premium benefits and the potential for growth? At TKC Holdings, we've created something special, a better place to work and grow. Many employees start just expecting a paycheck but end up with a rewarding career. We provide exceptional training and a clear career path. We are proud to be a military and veteran friendly employer. Responsibilities: The TKC Holdings, Information Security Analyst assists in all ongoing activities that provide appropriate access to and protect sensitive TKC Holdings and TKC Holdings companies' information (regulatory data, privacy data, cardholder data, intellectual property, and other sensitive business data) in compliance with applicable law, regulations, industry standards, and TKC Holdings' policies and standards. This responsibility is carried out by working with members of the TKC Holdings executives, management, and staff to foster the developmental and operational elements needed to assure appropriate information security, safeguards, and compliance throughout TKC Holdings and TKC Holdings companies. The Security Analyst - Compliance role will be working beside the Information Security Office team providing due diligence, audit coordination, and gathering documentation necessary for creating new policy and procedures while ensuring appropriate security controls that will minimize TKC Holdings' risk posture. This position will help identify, document, and communicate the appropriate security controls and plans to achieve compliance with applicable regulatory requirements. Essential Functions, Duties, and Responsibilities * Assist in ensuring TKC Holdings and operations comply with applicable information security laws, regulations, industry standards, and corporate policies. * Assisting in the developing of security policies and standards that incorporate regulatory requirements, industry standards, and best practices applicable to all TKC Holdings companies and operations. * Supporting regulatory compliance efforts and any other security-related projects. * Administer, manage, and report on the TKC security awareness program. * Assist in verifying third-party vendors' security to determine the level of risk to TKC Holdings. * Assist with creating and maturing sound security architecture for the group. * Work with third-party relationships as appropriate for security audits or regulatory compliance. * Participate with IT to ensure security policies and standards are adhered to. * Contribute to the development of new security standards. * Assist in risk assessment activities within the company for new projects or major changes to existing technology. * Conduct investigations of breaches to IS policy, standards or other IS-related incidents and reporting findings to Information Security Office management and Executives. * Assist with the development and continuous re-assessment of the risk acceptance for information security in the business. * Maintain industry awareness by regularly reviewing industry news and events. * Perform day-to-day tasks as it relates to the Information Security Office team. * Other duties as determined by the needs of the business. Qualifications: * Bachelor's degree in Computer science, Information Systems, Compliance experience or related field preferred or equivalent combination of education/experience. * Security+, Network+, SSCP, GSEC, or other security certification desired. * Familiarity with PCI-DSS requirements and applicability. * Familiarity with SOC2 compliance and reporting. * Ability to effectively communicate security-related concepts to a broad range of technical and non-technical professionals. * Ability to communicate directly with regulators or assessors when needed. * Strong written and verbal communication skills. * Familiar with security systems including SIEM / log collection; vulnerability scanning and reporting; firewalls, Active Directory / Group Policy, and end-point protection. * Familiarity with implementing and following industry security frameworks (NIST, ISO17799/27001, COBIT or CIS Critical Security Controls) is desired. * Ability to maintain security documentation and manuals. * Strong organizational skills with the ability to follow through and complete assigned tasks within a designated timeframe. * Experience with GRC tools is a plus.
Share this job:
