Information Security Analyst

Posted · Add Comment
Published: September 14, 2022
Location
St. Louis/WFH, MO
Job Type
Direct
Salary
Based on Experience

Description

This position is in a hybrid work environment - 3 days in office in St. Louis, MO and 2 days WFH.

Information Security Analyst III

The Information Security Analyst provides leadership and direction for the planning, architecture, operation and monitoring of all IT security programs with an emphasis on PCI compliance. This role seeks to protect against the unauthorized access, modification or destruction of the company systems and information assets. On an on-going basis, this position will manage all activities across the company to ensure ongoing data security and validation with current security standards.

Responsibilities

  • Assess and document security controls and vulnerabilities for data and user access across all company systems. Plan for mitigation and improvements utilizing best practices and current standards.
  • Monitor change control systems for system and network modifications and ensure they meet and maintain security standards.
  • Perform basic computer forensics as needed.
  • Evaluate, implement and maintain vendor supplied security hardware components & software packages.
  • Perform diagnostics for security problems and identify and analyze security risks.
  • Coordination of security assessments with internal audit and external vendors.
  • Identify and investigate security breaches and fraudulent activity within company systems.
  • Develop, maintain and manage PCI compliance program and other security initiatives. Develop project plans and execute efforts as necessary.
  • Develop security awareness and training programs for IT and employees who work with sensitive data.
  • Assist in the creation and management of IT Security and PCI Compliance policies, standards, procedures and guidelines.
  • Work with confidential information obtained through security scans and assessments of company systems.
  • Report status and progress on efforts to management as necessary.
  • Other related security duties as assigned.

Knowledge, Skills, & Abilities

  • Knowledgeable with PCI Compliance standards and assessments.
  • Completion of one of the Following Recognized Professional Certifications: QSA (Qualified Security Assessor), CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), SSCP (Systems Security Certified Practitioner), Certified Ethical Hacker (CEH).
  • Familiarity with network and application security including firewalls, VLANs, routers, switches, Linux and Microsoft Windows and VMware operating systems, Oracle and Microsoft SQL Server databases, ecommerce, PCs.
  • Key understanding of core Information Security Areas (ID & ACCESS Management, Threat & Vulnerability Management, Information Risk & Governance, Network and Application Architecture, Incident Response, Security Strategy).
  • Hands-on experience with designing, implementing and managing an enterprise-wide security program.

Education and Experience

  • A./B.S. in Computer Science or related field or equivalent experience required. MS preferred.
  • 7+ years of experience in Information Technology. At least 4 years’ work experience in security systems and PCI compliance management.

Benefits

  • Fitness Centers
  • Credit Union Membership
  • Health, Dental, Vision Insurance
  • EAP
  • PTO and Holidays
  • 401K Plan and 401K Company Program
  • Retirement Benefits
  • FSA
  • Short-Term And Long-Term Disability Insurance
  • Life and AD&D Insurance
Apply
Drop files here browse files ...

Related Jobs

Manager, Technical Product Owner   St. Louis, MO new
January 25, 2023
Sr. Application Developer   Bridgeton, MO
January 18, 2023
January 12, 2023
Are you sure you want to delete this file?
/