The Security Analyst will assess regulatory and technical physical security risk across the company and will guide the development of remediation strategies, in particular to Workplace Violence Prevention. They contribute to the development, implementation, and maintenance of company Security policies, standards, and processes that help identify and mitigate security risk. The Security Analyst monitors, tracks, and reports on compliance to physical security requirements and works with the responsible parties to drive timely remediation. They advise departments on the company's security policies, standards, and processes. They provide as needed training and awareness to company personnel. Also, the Security Analyst actively participates on inter-departmental and cross-functional working groups to ensure security requirements are met.
The Security Analyst assesses regulatory and technical security risk across the company and guides the development of remediation strategies. They contribute to the development, implementation, and maintenance of company Security policies, standards, and processes that help identity and mitigate security risk. The Security Analyst monitors, tracks, and reports on compliance to security requirements and works with the responsible parties to drive timely remediation. They provide as needed training and awareness to company personnel. Also, the Security Analyst actively participates on assigned inter-departmental and cross-functional working groups to ensure security requirements met.
- Serve as the subject matter expert for security related policies, standards, and regulatory requirements.
- Contribute to the development and maintenance of the company's security policies, standards, and processes.
- Conduct security risk assessments that analyzed both security controls and technical vulnerabilities. Provide as needed guidance to customers regarding their remediation plans and monitor remediation progress.
- Provide leadership and oversight for assigned security domains.
- Contribute to security risk identification, classification, and mitigation processes.
- Advise departments on security regulatory requirements, company security policies, and security best practices. Contribute to and provide security training and awareness to company personnel.
- Contribute to the development of security metrics. Track, analyze, and report security metrics and propose countermeasures to address security trends that are not in line with the company's desired risk profile.
- Contribute to the development and maintenance of the company's security controls framework. Research and stay abreast of emerging technologies, new vulnerabilities and exploits that may compromise the company's assets.
- Investigate and propose technologies and methodologies that can enhance company's security posture.
- Contribute to and manage security projects and initiatives and ensure the desired outcomes are delivered on budget and on schedule.
- Actively contribute to inter-departmental and cross-functional working groups to ensure security requirements met.
- Develops and maintains documentation for all assigned responsibilities.
Knowledge / Skills / Abilities:
- Hands-on experience with security risk management practices as well as knowledge of regulatory and industry compliance requirements such as HIPAA, HITECH, JCAHO, ISO 27001, PCI DSS etc.
- Strong functional knowledge of information security such as GRC, vulnerability scanning tools, access control systems, IDS/IPS; and associated technologies. Working knowledge of physical security.
- Proactive and self-sufficient in working to fulfill the objectives of this role.
- Ability to accomplish the objectives of this role by collaborating with others across the company and influencing them to take the appropriate actions.
- Exhibits excellent verbal and written communication skills. Excellent interpersonnal skills.
- Has outstanding project management skills with the ability to prioritize multiple, diverse, and simultaneous requirements.
- Strong analytical & problem solving skills.
- Hands-on experience with a variety of information security technologies
Treats all information and data within the scope of the position with appropriate confidentiality and security .
?? Cooperates fully in all risk management activities and investigations.
?? Reports promptly any suspected or potential violations to laws, regulations, procedures, policies and practices, and cooperates in related investigation.
?? Conducts all transactions in compliance with all company policies, procedures, standards and practices.
?? Demonstrates knowledge of all applicable compliance and legal requirements of the job based on the scope of practice of the position.
Minimum Position Qualifications:
?? Bachelor's degree or equivalent experience, with a degree in Information Technology, Information Security, Management Information Systems, or related area a plus.
5+ years hands-on information security risk management and hands-on technical security experience.
?? Strong working knowledge of security related regulations/control frameworks, with HIPAA, HITECH/Meaningful Use, HITRUST, COBIT, or COSO knowledge a plus.
License / Certification:
?? Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA)
Randstad is a $22.5 billion global provider of HR services and the second largest staffing organization in the world. From temporary staffing to permanent placement to in-house, professionals, search & selection, and HR Solutions, Randstad holds top positions around the world and has approximately 31,100 corporate employees working from its nearly 4,700 branches and in-house locations in 40 countries.
We are a company built on a deep network of expertise that crosses industries and geographies. We recognize that talent comes in different forms, that every business has its unique challenges and opportunities. And our recruiting experts are skilled at marrying talent and business—identifying the ideal professionals for an organization’s culture and its teams, its needs and its goals.
Salary: Market related