Information Security Specialist / AnalystBookmark This
This is an excellent poistion within IT Security. Please note that this is an analyst role, not a security administrator role. Must have experience supporting SDLC projects that have a security component inclusive of compliance issue tracking, reporting and remediation.
Support all Business Information Security Office (BISO) activities: including,
- Security exception request processing;
- Identify mitigating controls and exit strategies
- Privileged ID monitoring
- Maintain an inventory of all Annuities service accounts;
- Ensure privileged ID’s associated with high risk applications are
- Compliance monitoring, including but not limited to:
- Server, databases, LAN shares, lotus notes, transfers, open shares,
ID inactivity, administrative access, etc.
- Annual Application attestations
- Facilitate Access Reviews
- Provide External Service Provider Questionnaire (ESPQ) support -- work with the ESPQ lead to:
- Track and report-out on all ongoing, upcoming and completed ESPQ’s;
- Track and implement remediation plans for all issues/recommendations identified
- Develop and/or update all Statement Of Procedures relating to compliance reporting;
- Support all Corporate initiatives
- Participate in implementation of Enterprise security initiatives
- Provide support for SOX/internal audits, compliance, or risk inquiries
- Raising awareness
- Develop awareness campaigns for responsible tasks
- Proven ability to present technical concepts to all levels of
BS/BA degree in Management Information Systems, Computer Science or Engineering or equivalent work experience
MUST have at least two years proven SDLC experience.
Must have a strong IT background across all platforms and understand infrastructure platforms
Server and database knowledge
Knowledge of Security Administration is a plus, particularly, ITAM/ITIM, LDAP, Active Directory, RACF, Windows, UNIX.
Knowledge of user authentication and access controls.
Must have strong communication skills, both written and verbal;
Strong analytical and time-management skills;
Comfortable dealing with all levels and handling meetings and presentations;
Proficient in MS Office products, including but not limited to Excel and MS Access;
Knowledge of Prudential Annuities business functions and/or applications helpful;
Able to work independently and be a self starter; managing multiple tasks according to priorities; results oriented and proven ability to meet deadlines;
Knowledge of information security, privacy, and risk management principles
Strong initiative – able to get the task done with little direction
Ability to work in an extremely fast-paced environment with high expectations
Security Certifications (e.g., CISSP) a plus