Information Security Analyst
- Oakland, CA
GlobalLogic is now home to more than 5,500 employees, delivering innovation to leading technology organizations around the globe. Fortune 100 technology leaders as well as cutting-edge emerging companies rely on GlobalLogic to build innovative software that provides a competitive edge in the global economy. With global innovation hubs on three continents, GlobalLogic allows clients to tap a highly skilled talent pool located in state-of-the-art labs that deliver leading-edge cloud, mobile, SaaS, and social applications. The company is connected globally by its award-winning "Velocity" innovation platform, and its teams thrive on Agile collaboration. Backed by tier-one investors Goldman Sachs, NEA, and Sequoia Capital, GlobalLogic is headquartered in the US and has offices in Argentina, Chile, China, Germany, India, Israel, Ukraine, and the United Kingdom.
For more information visit: www.globallogic.com
Responsible for preparing contingency plans for the organization’s systems, software, hardware, applications, processes and services. Responsible for ensuring the organization’s business resumption plans are up to date and adequately address the organization's needs. Responsible for technical security planning, testing, verification, and risk analysis in accordance with FFIEC, NCUA, and CFCU requirements. Assist in defining, deploying and monitoring risk management, compliance, and information security programs. Functions as primary IT disaster recovery coordinator.
Documentation - Authors and maintains the enterprise’s information security policies, standards, guidelines and procedures.
Assists in documenting CFCU’s internal systems, including network architecture, security architecture and defense in depth.
Security Monitoring - Monitors the security of critical systems (e.g., e-mail servers, database servers, web servers, etc.) and changes to highly sensitive computer security controls to ensure appropriate system administrative action, investigate and report on noted irregularities.
Regularly conducts network vulnerability assessments using tools to identify system vulnerabilities and develops remediation plans and assists with hardening procedures as appropriate.
Conducts security control assessments, and/or risk assessments as required.
Evaluates attack vectors and designs appropriate remediation strategies.
Assists in organizational compliance with CFCU information security program.
Manage the SIEM (Security Information and Event Management) infrastructure.
Conducts routine Social Engineering tests and clean-desk audits.
Disaster Recovery - Collaborate with business units to determine business continuity requirements and strategy, and conduct Business Impact Analysis for vital business functions. Document recovery priorities of the key business processes, applications and data.
Establishes disaster recovery testing methodologies. Plans and coordinates the testing of recovery support and business resumption procedures in different functional areas. Assures that recovery procedures are effective for the restoration of key corporate IT resources and for the resumption of critical systems.
Ensures Sungard hardware and software inventory are updated quarterly.
Coordinates/conducts routine tests of backup circuits and systems.
Security Strategy - Researches new developments in IT security and recommends new solutions.
Works to continually develop, enhance and support organization’s IDS, IPS and security measures.
Define, establish and manage Information Security Risk Metrics and report on effectiveness.
Evaluate and design criteria for security initiatives for IT.
Provides reports to supervisors regarding effectiveness of data security and make recommendations for the adoption of new procedures.
Keeps abreast of evolving external and internal threats and proposes mitigation strategies.
Lead the credit union’s IT infrastructure change management process, including hardware, systems, and release updates.
Provide top-tier Windows XP/Windows 7/2k8/2k12 and/or *nix system administration as required.
Stay abreast and maintain a working knowledge of frameworks and standards such as COBIT, ITIL, PCI-DSS, ISO 27001
Assist with after-hours system failures and emergencies.
Knowledge and experience of MS Active Directory
A strong understanding of MS Windows systems and networking
A strong understanding of security architecture
Knowledge of segmented, distributed architectures
A strong understanding of firewalls and firewall management
Some combination of CCNA/MCSE/CISSP/CISM certification desired.
Knowledge of internal control frameworks such as COBIT, ITIL, NIST, and ISO 27001 desired.
Knowledge of PIX/ASA is a plus
Experience with VMware is a plus
Bachelor's degree or equivalent in Computer Science or MIS from accredited four‑year college plus four years related experience and/or training, or equivalent combination of education and experience required. Master’s degree highly desirable.
For more information, please contact Nandan Ganeyan at 408.217.2351 or email resume to firstname.lastname@example.org