IT Security Analyst - CISSP GIAC
- Los Angeles, CA
Our client is an industry leader in the Entertainment industry. This company has an amazing company culture that is truly above and beyond its competitors. They are a true leader in their industry and continue to branch out into new areas to stay competitive
Location: Culver City, CA
- Monitor and provide advice on information security issues related to the systems and workflow at clients CMS to ensure that internal security controls for the organization are appropriate and operating as intended.
- Perform analyses, both quantitative and qualitative, of risk issues for numerous measuring instruments and data systems daily; generate complex threat models as required.
- Collaborate with Client Services team to identify emerging risks and threats required to acquire, inform, and retain clients.
- Manage interdepartmental communication and execution regarding various IT security projects and incidents.
- Develop and publish Information Security policies, procedures, standards, and guidelines based on knowledge of best practices and compliance requirements.
- Conduct enterprise-wide data classification assessment and security audits and manage remediation plans.
- Collaborate with IT management, the legal department, safety and security, and law enforcement agencies to manage security vulnerabilities.
- Conduct security research to stay current with latest security issues. Create, manage, and maintain user security awareness.
- Prepare Information Security Management System (ISMS) documentation, including department policies and procedures, campus notifications, web content, and security alerts.
- Actively participate in the higher education security community such as ISACA, OWASP, etc.
- BA or BS in Computer Science, Management Information Systems, or related field.
- 3+ years of progressive experience in computing and information security, including experience with Internet technology and security issues.
- Strong analytical, technical, and problem solving skills.
- Ability to generate models and reports using tools such as Excel, Access queries, and SQL.
- Experience developing security policies, network penetration testing, application vulnerability assessments, risk analysis, and compliance testing.
- CISSP, GIAC, or other security certifications strongly preferred.
- Knowledge of information security standards (e.g., ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality and desktop, server, application, database, network security principles for risk identification and analysis.
- Excellent communication (oral, written, presentation), interpersonal, and consultative skills.