This site uses cookies. To find out more, see our Cookies Policy

Systems Security Analyst in Lansing, MI at AF Group

Date Posted: 9/27/2018

Job Snapshot

Job Description



SUMMARY:

Research, implement and manage tools used for proactive monitoring of security threats. Manage incident response, conduct internal reviews on a periodic basis to measure compliance with policy and assist in external audits and assessments. Develop culture of security and conduct ongoing security awareness program. Assist in establishing company information security program. Active participation in all projects for security requirements to ensure that all projects incorporates security requirements. Ensures that technology risks are identified and managed according to the risk culture of the enterprise and advises management about risks to the business due to the implementation of technology used to operate the business. S/he will also perform compliance activities to ensure the successful implementation of the program and consult with technical and business teams regarding their changing business and technical plans to ensure that information security issues are addressed early in a project's lifecycle.



RESPONSIBILITIES/TASKS:

  • Day to day operational security activities of company infrastructure, applications, systems, desktops, data, access and identify management, incident response, security alerts and mitigation of risks.
  • Analyzes information security systems and applications.
  • Development and maintenance of the Company information security program, including policies, standards and guidelines to protect information against unauthorized modification or loss.
  • Development and maintenance of the information classification process, information risk analysis, assessment and acceptance processes. Advises business managers and technical personnel as to the security impacts of implementation of programs in their respective areas. Consults with business units regarding their changing business and technical plans to ensure information security issues are addressed early in a project's life and in the program.
  • Facilitate and manage security issues and concerns raised during the course of projects and day to day activities.
  • Provide direct consulting services and technical assistance as needed.
  • Serve as a member of the technical advisory committee to evaluate new technology resources for program compliance.
  • Participate in evaluating new security hardware and software technologies and provide an assessment of the risks/vulnerabilities and recommend mitigation strategies.
  • Document security processes and protocols for technologies and applications: how security is used and implemented, the environment, the security risks and vulnerabilities and control recommendations.
  • Contribute to the evolution of the risk analysis and IT workflow processes.
  • Performs compliance activities to ensure the successful implementation of the program.
  • Performs information security systems administration, as needed.
  • Act as a liaison on security matters between Internal Audit and IT, reviewing all audit reports and responses to ensure timeliness and effectiveness of corrective actions.
  • Provide management with regularly scheduled "State of the Information Security Program" reports. Develops incident handling framework and consults with management in times of an information security crisis to ensure that the crisis is managed properly both internally and externally.
  • Advise management of changes in the technical, legal and regulatory arenas affecting information security and computer crime.
  • Develop and foster relationships with both business and technology customers and maintain strong relationships with technical teams.
  • Ensure that all projects meet established objectives for cost, performance and timeliness.
  • Responsible for security project resource planning, justification and acquisition, including the recruitment, hiring and development of human resources as needed.
  • Responsible for leading change management activities to create high performance IT security operations.
  • Establish effective metrics for internal monitoring and Service Level Agreements with customers.
  • Monitor and Investigate SIEM security alarms
  • Perform routine security tasks such as documentation, reporting metrics and responding to support tickets
  • Review logs and reports of all security solutions for appropriate response

This position description identifies the responsibilities and tasks typically associated with the performance of the position. Other relevant essential functions may be required.