Senior / Lead Cyber Security Analyst
Walnut Creek Walnut Creek, CA 94507
Job Title: Senior / Lead Cyber Security Analyst
Location: Walnut Creek, CA - 94507
Duration: 6 months
About our Client : Our Client is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions – underpinned by the world’s largest delivery network – Our Client works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With approximately 425,000 people serving clients in more than 120 countries, Our Client drives innovation to improve the way the world works and lives
The Security lead is responsible for ensuring adherence to the Club’s information security strategy, programs and best practices. This is a highly visible hands-on position responsible for identifying and mitigating security risks across functions such as Corporate, Operations, ERS and Information Services. This individual is the resident security expert, and will security initiatives focused on PCI, Application, and Cloud security.
- Direct the areas of identity & access management, infrastructure security operations, security monitoring & reporting, application & data protection, compliance, business continuity planning and disaster recovery.
- Oversee all aspects of enterprise information technology security
- Identify security risks and develop solutions to eliminate or minimize them
- Maintain security policies and procedures
- Lead the corporate technology security incident response process
- Drive successful enforcement of security policies and procedures
- Manage security and operational assessments
- Manage remediation of any findings from internal or external assessments
- Lead implementation of security initiatives and projects
- Work with business units to design, implement and maintain business continuity and disaster recovery programs
- Implement and supervise corporate security awareness programs and required training for employees
- Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise’s existing procurement processes.
- Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
- Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/ through enterprise workstations, servers and other systems and in databases and other data repositories.
- Ensure the enforcement of enterprise security documents.
- Supervise all investigations into problematic activity and provide on-going communication with senior management.
- Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
- Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
- Engage in ongoing communications with peers in Information Services as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.
- Extensive experience in enterprise security architecture design.
- Extensive experience in enterprise security document creation.
- Experience in designing and delivering employee security awareness training.
- Experience in developing Business Continuity Plans and Disaster Recovery Plans.
- Proven ability to lead complex initiatives in a matrix management paradigm.
- Issue/problem management and resolution skills, advanced time management, planning and multitasking aptitude.
- Strong understanding and experience with privacy and regulatory compliance including information security enterprise risk assessments, PCI remediation, data protection and strategy.
- Strong leadership, communications and presentation skills with the ability to clearly communicate status to senior management team
- Hands on MS Office and related productivity and communication tools
- Deep understanding and thought leadership in managed hosting services, IaaS and PaaS and the Cloud infrastructure and platform offering, structure and technologies.
- Experience successfully establishing secure IT operations and/or applications, experience working in an XaaS providers is helpful. Cloud provider experience coupled with data center experience (hybrid ops) is an ideal mix of background
- Must have experience in developing and creating policies in support of compliance initiatives with excellent knowledge of Sarbanes-Oxley requirements, Payment Card Industry Standards, Health Insurance Portability and Accountability Act, internal IT Audit Standards and Risk Management.
- Solid Project Management skills
- Excellent communications and interpersonal skills
- Vendor management skill
Education & Experience / Licenses & Certification:
- College diploma or university degree in the field of computer science and/or 15 years equivalent work experience.
- 10+ years successful career experience in progressively more responsible information systems and technology including at least 5+ years in IT security leadership and/or management roles.
- CISA certification mandatory
About ASK: ASK Staffing is an award-winning technology and professional services recruiting firm servicing Fortune 500 organizations nationally. With 5 nationwide offices, two global delivery centers, and employees in 42 states-ASK Staffing connects people with amazing opportunities
Ram Manturu @ firstname.lastname@example.org - 678-487-8570