Security Analyst

Location: Fenton, MO, United States Minor Outlying I
Date Posted: 27-04-2016
Based at our Fenton, Missouri headquarters you will be a member of the Corporate Information Security team. This team protects information assets by establishing and enforcing system access controls; managing and monitoring compliance activities, analyzing security problems and designing solutions. This position best fits a person who has had experience in an infrastructure technology role such as a server or network administrator or an application developer. He or she has experience in security as an analyst in more than one technical security area. This is a position that performs some hands on higher level technical assessments, also monitors/consults with operational security personnel in central information technology and in various Divisions. Because information security covers many domains, he or she needs to be well versed in an industry security framework preferably ISO 27001/2, and certified as a CISSP, CISA, or equivalent.

•Bachelor’s degree from a four-year college or university, or equivalent required.
•Security certification such as CISA, CISSP, or equivalent.
•A combination of a minimum of 5 years in a technical IT administrator role (i.e. server or network) and in an Information Security analyst role designing or performing/using more than one of: server hardening, firewalls, intrusion detection/prevention, data loss prevention, malware prevention, encryption, SIEM and/or vulnerability scanning tools (ex. Nessus, Webinspect)
•Minimum 1 year in more than one security subspecialties: identity management, access control, network, server and/or application security, risk management, vulnerability management, threat modeling, SIEM, etc…
•In-depth knowledge of an information security frameworks and compliance requirements such as ISO27001, PCI, SOX, and HIPAA.
•Must have excellent communication and customer service skills.

•Experience in administration of third party/vendor security compliance monitoring.
•Experience in defining control objectives for and/or performing SOC2 audits.
•Experience and knowledge of security/access control technologies such as Microsoft Active Directory, ADFS, SAML, rights management, etc…
•Automation and/or application development experience with .Net, Java, Powershell, Perl, etc…
•Researching feature sets and evaluating security technologies and assessment.
•Experience implementing security controls for systems hosted in an IaaS, PaaS and SaaS cloud environment.
The Timberline Group
Phone: 636-209-5537
PO Box 565, Sullivan, Mo 63080
"Delivering quality solutions through quality people"
this job portal is powered by CATS