Analyst III, Information Security 115-20 at The Humane Society of the United States

Posted in Management 28 days ago.

This job brought to you by eQuest

Type: Full-Time
Location: Gaithersburg, Maryland





Job Description:



The Humane Society of the United States (HSUS), the nation’s most effective animal protection organization, is seeking an Information Security Analyst III for the Information Technology department. This position will be responsible for the organization’s information security and risk management program. Provide daily maintenance/administration of security controls that protect the organization’s network infrastructure and systems. Ensuring controls are adequate and in compliance with organization policies and any regulatory requirements (PCI, GDPR, etc.) in protecting the organization’s intellectual property in the form of data transmission, data storage and data at rest. Be cognizant of industry trends with regards to information security concepts, attack methodologies, and threat mitigation capabilities. Help support a security aware culture through training and communications.




This position will be responsible for:




 






  • Ensuring the overall risk posture of the organization’s systems and information assets;





  • Assessing and identifying risks and establishing plans/actions to mitigate or reduce to acceptable level;





  • Developing and maintaining a security conscious culture through training and awareness communication as well as ensuring staff has the requisite knowledge and resources to deter cybersecurity attacks;





  • Providing guidance on security best practices and considerations with regards to new business processes or solutions implementation;





  • Managing applicable relationships and activities with vendors and service providers; to include due diligence activities and risk rating of vendor services;





  • Leading and managing response activities to cybersecurity incidents;





  • Establishing response plans and ensuring all applicable teams are trained on roles and responsibilities;





  • Establishing and leading processes that ensure service continuity during declared disasters;





  • Developing and assisting with tests of Disaster Recovery Procedure for all systems;





  • Leading and participating in organization wide projects that involve IT/Security;





  • Supporting risk assessment activities where applicable (new projects; annual audits, etc.);





  • Overseeing daily security / compliance operational task;





  • Reviewing and administering the organization’s perimeter, network, and host-based security controls;





  • Ensuring adequate network protection and logical access by staff; ensuring adequate control for all organizational systems;





  • Reviewing and monitoring security activity daily; providing appropriate alerts/response to anomalous activity or threats;





  • Establishing and providing security status to management through dashboards, routine reports, etc;





  • Establishing and reviewing security related logs and events weekly – this includes firewall, perimeter threat protection service, A/V, and system access logs;





  • Investigating reported threats from all sources to ensure validity then remediate where applicable;





  • Maintaining a current knowledge of industry trends, new solutions/technologies, and news related to information security and cybersecurity.





 




Qualifications and Requirements:




 






  • Bachelor’s degree in Information Technology, Information Security, Cyber Security, or another related field required;





  • Minimum of five years of experience in cybersecurity or risk management required;





  • Proven experience in conducting risk assessment or leading risk management activities strongly preferred;





  • Project management experience strongly preferred;





  • Experience working with internal/external auditors, establishing and tracking plans of action, and milestone to risk mitigation activities strongly preferred;





  • Experience in managing perimeter controls (firewalls, IDS/IPS, threat management solutions) strongly preferred;





  • Understanding or previous experience working with risk management and compliance frameworks such as NIST, ISO 27001, PCI, GDPR, etc. strongly preferred;





  • Certifications - Security+ or other related cert (CCNA Security) strongly preferred;





  • CISSP, CISM, or CASP preferred;





  • Attention to detail with a demonstrated commitment to excellence and performance improvement and the drive to deliver quality and value-added results and outcomes;





  • Ability to read and comprehend the content of documents and take appropriate action;





  • A professional presence and strong interpersonal skills for interacting in a courteous, timely, and diplomatic manner with all levels of employees as well as other parties/stakeholders involved with the organization;





  • A customer focus which demonstrates proactive, responsive services;





  • Excellent communication skills with the ability to organize, present, and articulate ideas both verbally and in writing;





  • Strong analytical skills with the demonstrated ability to gather and evaluate complex data and information and develop a recommendation and plan of action;





  • Ability to assess situations and information, think creatively, devise a better way of doing things, and make good judgments in the execution of job responsibilities;





  • Strong project management skills for planning and executing multiple projects and priorities;





  • Excellent organizational skills with the ability to prioritize workload and meet deadlines with an appropriate sense of urgency;





  • Ability to work independently, as an effective team member and with all levels of the organization;





  • An interest in and commitment to animal welfare and protection is highly desired.



     





When applying, please submit your cover letter and resume together: https://www.humanesociety.org/job-opportunities




This position will be based out of Gaithersburg, MD.




Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identify, disability, marital or parental status, or protected veteran status. EOE