Information Systems Security Analyst
WHAT PROBLEMS WILL YOU BE SOLVING?
The Information Systems Security Analyst is responsible for managing Calabrio’s Information Security Management System (ISMS) and ISO 27001 certification.
This role will provide security and compliance consultation as the subject matter expert to all business functions while maintaining compliance with industry standards and regulatory requirements following ISO/IEC 27001:2013. This role will also assess information risk, facilitate remediation of identified vulnerabilities, and coordinate the investigation and reporting of security incidents.
- Define, implement and maintain corporate security policies and procedures that meet existing and newly developed policy and regulatory requirements including compliance with ISO 27001.
- Manage the annual ISO 27001 certification audits, corrective actions, and third party audit vendors as required by the company and its customers.
- Develop, implement, and maintain Business Continuity Management (BCM) test plans.
- Manage intrusion detection and prevention systems to safeguard information systems and networks.
- Anticipate security alerts, incidents, and disasters, and reduce their likelihood.
- Coordinate the reporting, investigation, and resolution of security incidents and provide a thorough post-event analysis.
- Perform vulnerability testing, risk analyses and security assessments.
- Establish plans and protocols to protect information systems against unauthorized access, modification and/or destruction.
- Design and implement training programs focused on information security user awareness and security compliance.
- Communicate applicable policy and regulatory changes impacting corporate security initiatives with key stakeholders across all departments.
- Assess, test, and select new security products and technologies as needed.
- Monitor and inspect key security performance indicators and properly report any identified risks or threats.
- Prepare and possibly present technical reports for executive management as needed.
WHAT SKILLS WILL MAKE YOU SUCCESSFUL?
- Full understanding of ISO 27001 & 27002 certifications.
- Experience in network penetration testing, application vulnerability assessments, risk analysis and compliance testing.
- Experience in Security Information and Event Management (SIEM).
- Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk.
- Excellent verbal, written and interpersonal communication skills to interact with team members, senior support personnel, high level personnel and customers.
- Strong communication skills, including in challenging situations.
WHAT IS REQUIRED FOR YOU TO APPLY?
- Bachelor’s Degree in Information Systems, Computer Science, Information Security or related field required.
- 3+ years’ experience in information security.
- Security certifications preferred.
- Project management skills.
WHAT VALUES ARE IMPORTANT TO CALABRIO?
- Collaboration amongst teams
- Open communication across the company
- Customer Success!