We are seeking a Principal Information Security Analyst to lead significant aspects of the system-wide Information Security program, including development, ongoing planning and execution of the roadmap for their program domain(s). They are expected to provide thought leadership to the organization in areas such as, but not limited to: information security frameworks, business continuity management, reporting and metrics, security risk management, firewall protection, information security training, intrusion prevention, data loss prevention, anti-virus endpoint protection, security policy and standards, regulatory/contractual requirements, planning, mitigation, physical security, and/or crisis and incident management. The Principal Information Security Analyst is able to translate strategy into tactical plans then achieve its milestones, determining resource needs and coordinating the work of a cross functional team, often in a lead role. They are responsible for overseeing and coordination of all aspects of a significant domain(s) within the information security program ranging from business requirements and detailed planning (schedule, scope, budget) to on-time completion of deliverables to QA criteria and testing and ongoing metrics and reporting. He/She works fairly autonomously to proactively develop enterprise security methodologies and implement enterprise-wide processes that address and show adherence to regulatory requirements, and that reduce risks to the organization while driving efficiencies. They formulate and lead interdisciplinary teams to identify, assess and address security risks. They are recognized both within RIS and by business units as an authoritative subject matter expert for their assigned domains and have a strong understanding of how the security programs support and effect the organization. The Principal Information Security Analyst will create and utilize various tools and methods to provide support to end users, technology teams, projects and business leaders on a regular and ad hoc basis. Responsible for working collaboratively and effectively with project sponsors, Regional Information Security Officers, IT site directors, regional leaders and project managers to assess, analyze and develop information security related business needs and requirements for potential projects/initiatives.
In this position you will have the following responsibilities:
Required qualifications for this position include:
Preferred qualifications for this position include: