Sr. Information Security Analyst

$85,000 - $105,000/Yr

Vaco - Columbus, OH

posted 3 months ago

Full-time - Mid Level
Columbus, OH
Administrative and Support Services

About the position

As a Senior Information Security Analyst at Vaco, you will play a critical role in safeguarding sensitive data and ensuring the integrity of our information systems. This position involves leading the design, implementation, and maintenance of data loss prevention (DLP) solutions to protect against unauthorized access, exfiltration, and leakage of sensitive information. You will be responsible for developing and deploying fraud detection mechanisms and tools to identify and mitigate fraudulent activities across various systems and applications. Your expertise will be essential in designing and implementing controls and monitoring mechanisms to detect and respond to insider threats, including unauthorized access and data misuse. In this role, you will conduct thorough risk assessments and threat modeling exercises to identify potential vulnerabilities and develop strategies for mitigation. Collaboration with Information Technology teams will be key as you integrate DLP, fraud detection, and insider monitoring capabilities into existing systems and workflows. You will monitor security logs and alerts for suspicious activities related to data loss, fraud, and insider threats, taking appropriate action to investigate and respond to incidents. Staying abreast of emerging threats, vulnerabilities, and trends related to data security, fraud, and insider threats will be crucial, as you will recommend proactive measures to mitigate risks. You will also participate in incident response activities, including forensic analysis, root cause identification, and remediation planning for security incidents related to data loss, fraud, and insider threats. Collaborating with internal audit teams will ensure adherence to regulatory requirements and industry standards related to data protection, fraud prevention, and insider threat mitigation. Maintaining a service-oriented mindset while delivering requirements on time is essential, as is compliance with all security policies and procedures to ensure the highest level of system and data confidentiality, integrity, and availability. Additionally, you will participate in business continuity planning and execution and provide after-hours support for daily business needs as required.

Responsibilities

  • Lead the design, implementation, and maintenance of data loss prevention (DLP) solutions to protect sensitive data from unauthorized access, exfiltration, and leakage.
  • Develop and deploy fraud detection mechanisms and tools to identify and mitigate fraudulent activities across systems and applications.
  • Design and implement controls and monitoring mechanisms to detect and respond to insider threats, including unauthorized access and data misuse.
  • Conduct thorough risk assessments and threat modeling exercises to identify potential vulnerabilities and develop strategies for mitigation.
  • Collaborate with Information Technology teams to integrate DLP, fraud detection, and insider monitoring capabilities into existing systems and workflows.
  • Monitor security logs and alerts for suspicious activities related to data loss, fraud, and insider threats, and take appropriate action to investigate and respond.
  • Stay abreast of emerging threats, vulnerabilities, and trends related to data security, fraud, and insider threats, and recommend proactive measures to mitigate risks.
  • Participate in incident response activities, including forensic analysis, root cause identification, and remediation planning for security incidents related to data loss, fraud, and insider threats.
  • Collaborate with internal audit to ensure adherence to regulatory requirements and industry standards related to data protection, fraud prevention, and insider threat mitigation.
  • Maintain a service-oriented mindset while delivering requirements on time.
  • Comply with all security policies and procedures, to ensure that the highest level of system and data confidentiality, integrity and availability is maintained.
  • Participate in business continuity planning and execution.
  • Provide after-hours support for daily business needs as needed.
  • Other responsibilities as assigned.

Requirements

  • Bachelor's degree (B.S.) in computer science or related field;
  • 4-7 years of experience in information security roles, with a focus on data loss prevention, fraud detection, and insider threat mitigation.
  • Strong understanding of DLP technologies, including content inspection, data classification, and data encryption.
  • Experience with fraud detection techniques and tools, such as anomaly detection, machine learning, and behavioral analytics.
  • Understanding of insider threat monitoring and detection mechanisms, including user behavior analytics and privilege access management.
  • Knowledge of regulatory requirements and industry standards related to data protection, fraud prevention, and insider threat mitigation.
  • Excellent analytical and problem-solving skills, with attention to detail and the ability to think critically under pressure.
  • Strong communication and interpersonal skills, with the ability to effectively convey complex technical concepts to non-technical stakeholders.
  • Relevant industry certifications are highly desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Global Information Assurance Certification (GIAC), etc.
  • Experience with security tools and technologies, such as SIEM, data classification, data protection, endpoint detection and response, is a plus.
  • Equivalent combination of education, skills, and experience.

Nice-to-haves

  • Relevant industry certifications such as CISSP, CISM, or GIAC are highly desirable.
  • Experience with security tools and technologies, such as SIEM, data classification, data protection, endpoint detection and response.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service