OneNeck IT Solutions

  • PRINCIPAL SECURITY ANALYST

    Job Locations US-MN-Eden Prairie | US-WI-Madison | US-IA-Urbandale | US-IA-Cedar Rapids | US-CO-Denver | US-AZ-Scottsdale | TBD-TBD-TBD
    ID
    2018-13204
    Company
    OneNeck IT Solutions
  • Overview

    OneNeck IT Solutions has an exciting and unique opportunity for an experienced Principal Security Analyst.  We are open to filling this position near any of our physical office locations (Eden Prairie, MN; Madison, WI; Des Moines or Cedar Rapids, IA; Denver, CO; Scottsdale, AZ) or in cities close to our clients.

     

    This position conducts risk and compliance activities at customer sites, including analysis of customer secruity policies and assessment of their current security posture.  The Principal  Security Analyst partners with external auditors, security architects/engineers, and various program management areas to create cybersecurity recommendations, response plans, and direction for the customer(s).

     

    including analysis of customer security policies and assessment of their current security posture

     

    **Please note:  We can hire this position at a Principal Security Analyst I or II. Requirements for each position are listed in the qualifications section. We will assess applicants based on skills set and years of relevant experiences.**

    Responsibilities

    Works with senior level Cyber Security Analysts to conduct in-depth analysis of customer environment:

    • Utilizes OneNeck defined procedures for performing audit, assessments, and data gathering.
    • Assesses the effectiveness of existing security controls and provide recommendations. Analyze all audit and assessment data.
    • Develops report of recommendations for customer remediation to fill identified gaps in security posture.

    Works with senior Cyber Security Analysts to facilitate customer read-out of recommended cybersecurity preparedness and response posture:

    • Delivers report and explains findings and suggestions to customer.
    • Recommends operationally feasible and cost-effective solutions to reduce risk, as appropriate.
    • Helps facilitate review of changes in customer processes; standards and technology to ensure the effectiveness of security controls meet compliance requirements.
    • Reviews data flow diagrams, network, or conceptual architectural diagrams to help validate scope of most critical systems is appropriate.
    • Works with, and assists, customer on initiating their own self-assessments.

    Executes on agreed upon methodology to identify, test, and report on control operating effectiveness.  Partners with external auditors, security architects/engineers, and various program management areas.

    Qualifications

    Required Qualifications:

    Principal Security Analyst I

    • Bachelor’s degree (or higher) -OR- 4+ years professional work experience.
    • 3+ years Information Security compliance, security engineering or architecture experience.
    • 1+ years experience interfacing with customers and providing technical solutions.
    • Must have and maintain a valid driver’s license, insurance, and have access to reliable transportation.
    • Travel required per business need. Depending on location, travel of 50% or more may be necessary.

    Principal Security Analyst II

    • Bachelor’s degree (or higher) -OR- 4+ years professional work experience.
    • 7+ years Information Security compliance, security engineering or architecture experience.
    • 2+ years experience interfacing with customers and providing technical solutions.
    • Must have and maintain a valid driver’s license, insurance, and have access to reliable transportation.
    • Travel required per business need. Depending on location, travel of 50% or more may be necessary.

     Other Qualifications:

    • Experience with network security and/or IT audit.
    • Working knowledge of: PCI DSS 3.2, HIPAA applicable security / privacy controls, Sarbanes-Oxley (SOX) 404, ISO/IEC 27000 family of standards, NIST 800-53, NIST cybersecurity framework, and COBIT.
    • Training or Certifications: ISC2, SANS Institute/GIAC, CompTIA, Cisco, Palo Alto, Microsoft, VMWare, Offensive Security, PCIP.
    • General knowledge of common application security architecture and vulnerabilities (e.g. OWASP Top 10), attack techniques and remediation tactics/strategies.
    • Familiarity with common enterprise infrastructure (OS platforms, directory services, networking infrastructure, appliances, middleware, common security infrastructure)
    • Experience using GRC tools for security control assessment workflow and evidence gathering.
    • Knowledge of or experience with Rapid7, Qualys, or Tenable’s suite of assessment tools.
    • Strong computer skills including Microsoft Office (Excel, Word, Power Point, Project Manager, and Visio).
    • Project management skills. Effectively manage multiple, competing projects/priorities while achieving targeted completion results.  Communicate directly to technical teams and provide network architecture layout based on solutions' performance needs.
    • Ability to gather relevant facts and develop and successfully pursue a business case including revenue opportunities, network diagrams and capital requirements.
    • Ability to effectively work with technical and non-technical resources, able to partner with multiple business groups, managers, and network architects or engineers. 
    • Ability to stay up-to-date with the current cybersecurity threat landscape to account for changing circumstances when evaluating security risks, maintain technical proficiency via self or formal training.

    OneNeck IT Solutions LLC, a wholly owned subsidiary of Telephone and Data Systems, Inc., employs nearly 550 people throughout the U.S. The company offers hybrid IT solutions including cloud and hosting solutions, managed services, enterprise application management, advanced IT services, hardware and local connectivity via top-tier data centers in Arizona, Colorado, Iowa, Minnesota, New Jersey, Oregon and Wisconsin. OneNeck's team of technology professionals manage secure, world-class, hybrid IT infrastructures and applications for businesses around the country. Visit oneneck.com

     

    Benefits:

    As a part of your total compensation, #TDS provides a comprehensive, competitive benefit package. The benefit plans address both the immediate and long term needs that you and your family may have. For an overview of what we have to offer for full-time employees including vacation, health benefits and retirement options please click here.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed