The Information Systems Security Analyst completes the systems security analysis, and supports the implementation and management of administrative, technical and physical safeguards to ensure the privacy and protection of company information and supporting technology and services. As an Information Systems Security Analyst, you will assist with defined tasks in support of the Information Security Program, such as Business Continuity Management (BCM), Incident Response, Cyber Threat Management, Risk Analysis, Control Design within Applications and Services, Evaluation of Control Effectiveness, and Staff Awareness, Education and Training.
- Completes research, development and implementation of straightforward information security initiatives, including review of policy, program, process, procedural and technology improvements and solutions to ensure they are current and meet business needs.
- Gather research covering latest securitythreats and vulnerabilities.
- Identifies weaknesses and exposures.
- Drafts and presents protection and mitigation strategies for peer review, input and feedback.
- Perform and lead certain procedural tasks found within cyberthreat management processes, such as gathering and reviewing threat intelligence, supervises vulnerability data and actions, reviewing consolidated data from security monitoring technologies, supporting countermeasure planning.
- Perform and lead certain procedural tasks found within event and incident response processes, such as identifies issues and actions, reviews artifacts and evidence, supervises coordination of tasks.
- Perform and lead certain procedural tasks found within control self-assessments and security exception/waiver processes, such as entering and reviewing critical assets and associated ratings, recommending action plans, submitting and reviewing security exception/waivers to asset owner.
- Perform procedural tasks found within othersecurity processes, such as information management, classification and protection; policy management.
- Ability to help employees and contractors understand their role in safeguarding information, technology and services by being an ambassador.
- Assist and show where policies, processes and procedures can be found and explain why they should be followed.
- Tracks current and impeding laws, regulations and industry requirements and best practices, such as data protection, data privacy, cybersecurity and information security.
- Able to translate requirements into practical solutions.
- Gathers data, analyzes and drafts reports, including department, project, key indicators and dashboards.
- Assists with requirements and improvement plans.
- Ability to quickly develop excellent working relationships with peers and key stakeholders, such as business partners, legal, internal audit, risk, and technology specialists.
- Other duties as assigned based on department and organizational needs.
- Conforms with and abides by all regulations, policies, work procedures, instruction and all safety rules.
- Exhibits regular, reliable, punctual and predictable attendance.
- Bachelor’s degree with emphasis in Computer Science, MIS, Auditing, Finance, or Business or equivalent education and experiencerequired.
- Up to 3-5years of experience working in a systems security analyst environment required, including but not limited to experience with information technology operations and information security operations, business continuity and disaster recovery.
- Having knowledge and some experience with data protection, data privacy laws, regulations and industry requirements as well as best practices.
- Provide input, creates awareness and training materials and leads certain activities, such as hardcopy and online learning content, presentations, pamphlets, electronic communications (e.g., internal blogs).
- Perform and lead certain procedural tasks found within third-party assessments, such as reviewing due-diligence artifacts, supervising tasks, reviewing results and recommending outcomes.
- Technology, risk management, business continuity and disaster recovery, compliance or audit background helpful;
- Security Certification(s): CISSP, CISM, CRISC, CISA or ABCP
Behavioral & Leadership Competencies
- Excellent time management and analytical skills.
- Effective written and verbal communication skills at all levels of the organization.
- Awareness of the importance of timing, politics and group processes in managing change.
- Team oriented.
- Strong project management skills.
- Attention to detail with the ability to multi-task.
- Task and deadline driven.
- Self motivated.
At Transamerica we promote a Future Fit mindset. What is a Future Fit mindset?
- Acting as One fosters an environment of positive collaboration.
- Accountability allows us to own the problem as well as the solution.
- Agility inspires new ideas, innovation and challenges the status quo.
- Customer Centricity encourages an above and beyond approach to our customer.
- Normal office environment.