About CentralSquare TechnologiesCentralSquare Technologies is a leading provider of software and services aligned to serve five key customer segments – Public Administration, Public Safety and Justice, State Government, Federal Government and Nonprofit Agencies. The combinedexperience and knowledge of our employees helps communities, governments and organizations better serve their population. Over 175 million people in North America live in communities that rely on our products and services.Job Description
CentralSquare is seeking a Senior Information Security Analyst to join its Information Security, Risk & Compliance team. This unique and challenging position will work closely with key stakeholders to implement a securityarchitecture as it relates to cloud implementation and hosting, as well as maintain a secure operating environment for existing CentralSquare technology, applications, employees and office locations.
Cloud Security Responsibilities
- Work closely with stakeholders to drive securityarchitecture for cloud-based solutions.
- Identify and assist with deployment of security controls required to ensure the confidentiality, integrity, and availability of CentralSquare Cloud assets and infrastructure.
- Assist with Cloud implementation of the Secure Software Development Life Cycle, specifically related to program interfaces, application architecture, data protection, identity and access management.
- Perform governance duties including but not limited to tenant account review, new Use Case approvals, and change management.
- Perform risk management tasks as they relate to all CentralSquare tenant subscriptions and activity.
- Monitor and audit all CentralSquare-owned cloud environments.
General Information Security Responsibilities
- Work closely with Information Services to mitigate critical threats to the organization.
- Work closely with Information Services to identify and resolve system vulnerabilities.
- Implement security technologies to protect CentralSquare assets.
- Troubleshoot and resolve service desk cases related to information security issues.
- Research potential attempts to compromise the confidentiality, integrity, or availability of assets.
- Proactive event review of SIEM, syslog and other logging systems, as part of threat hunting initiative.
- Perform third party vendor security reviews as needed.
- Collaborate laterally throughout the organization to align security strategy with business needs.
- Perform other cybersecurity, risk and regulatory compliance duties as assigned.
Skills & Requirements
Desired Skills & Education
- In-depth understanding of security controls as they relate to IaaS, PaaS, SaaS cloud models.
- In-depth understanding of best-in-breed technologies used to maintain a secure cloud infrastructure.
- Experience implementing data-loss prevention technologies.
- Knowledge of security control frameworks such as NIST CSF, ISO 27002, OWASP.
- Knowledge of common application attacks and mitigation strategies.
- Basic understanding of security standards such as PCI, HIPAA, and CJIS.
- CISSP, CCSP or industry-related certification desirable.
- Bachelors in a related field w/ 7+ years of experience in a cybersecurity role.
- Self-motivated and well organized. Must be able to prioritize tasks and work well under pressure.
- Strong oral, written, and interpersonal skills are required.
- Experience working with local government agencies a plus.
This company provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, This company complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.