Information Security Analyst (Midtown Manhattan)

Information Security Analyst

Will work to Identify Security Risks, Threats and Vulnerabilities for the Firm’s Network, Systems, Applications and New Technology Initiatives. Reporting directly to the VP of Information Governance, the Information Security Analyst will provide support to ISO / Tech Risk Functional Areas. This is NOT a Network Engineering / Network Security position

Responsibilities:
• Conduct information security assessments to identify potential technology risks
• Establish and monitor compliance with security requirements for all applications. Evaluate and test the security features for any new applications
• Manage the quarterly re-certification process for all applications and shared access elements within our environment
• Oversee the documentation of all Information Security and Technology Risk procedures and processes
• Monitor scans by the Security Incident Event Monitoring application and investigate anomalies to ensure all activities are in compliance with policies and procedures
• Conduct weekly email surveillance reviews for Compliance and HR and investigate any subsequent findings
• Review and analyze security logs to identify any anomalies within our environment and activities within our network as well as from any devices accessing the network
• Assist key stakeholders in identifying and certifying relevant technology risks within each department
• Assist in the coordination and performance of vulnerability assessment and penetration testing on a regular basis
• Oversee the Technology Risk Matrices for incidents and follow-up on outstanding action plans resulting from these incidents and identified risks from the annual Technology Risk Assessment
• Research and identify applicable security safeguards based on the threat landscape
• Oversee user access processes to ensure operational integrity of the application security application
• Oversee the daily operations of the following Information Security applications including training on these applications: RSA’s DLP, CyberArk, Varonis, VCM, BlockMaster and Netezza Mantra for Database Compliance Monitoring

Requirements:
• Will have a minimum of 2-5 years’ experience in Information Security
• Familiarity with Federal Regulations and Industry standards related to Information Security (FISMA, ISO 27001/27002, NIST, etc.)
• Strong knowledge of intermediate/advanced Excel Functions
• Strong attention to detail with the ability to prioritize and meet deadlines while working independently
• Ability to recognize and deal appropriately with confidential and sensitive information
• Must have flexibility to work overtime if needed
• Absolutely must have excellent verbal and written English communications skills and a proven history of interacting with users at all levels
• Bachelor Degree, preferably in Information Security or IT related field; Strong interest in Information Security Field
• CISSP Certification is a deciding plus

This is a permanent, full time position (NOT a contract). Please do not apply (or refer) unless authorized to work in the US.
All candidates must be either US Citizens or US Permanent Residents

All candidates MUST be local to NY City.
Please do not apply if you are not local, even if you would pay your own relocation.
Relocation is NOT offered.