World Vision International

This job is no longer available.

You can view related vacancies or set-up an email alert notification when similar jobs are added to the website using the buttons below.

IT Security Analyst I

Job Description

PURPOSE OF POSITION:

The IT Security Analyst is responsible for the support of identity and access management services. These services include identity assurance and registration, access requests, access provisioning and de-provisioning, access recertification, public key infrastructure, remote access, and directory technologies. Responsibilities include requirements gathering; define test specifications and implementation support. The IT Security analyst will also interface with Identity Access Management service owner to support World Vision in meeting its business objectives while increasing adoption of identity and access management services.

Individuals within the IT Security job family plan, execute, and manage multi-faceted projects related to compliance management, risk assessment and mitigation, control assurance, business continuity and disaster recovery, and user awareness. They are focused on developing and driving security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the organization.

Individuals develop, execute and manage data, system, network and internet security strategies and solutions within a business area and across the enterprise. They develop security policies and procedures such as user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines. To guide enforcement of security policies and procedures, they administer and monitor data security profiles on all platforms by reviewing security violation reports and investigating security exceptions. They update, maintain and document security controls and provide direct support to the business and internal IT groups. IT Security professionals evaluate and recommend security products, services and/or procedures. They also communicate and educate IT and the business about security policies and industry standards, and provide solutions for enterprise/business security issues.

IT Security professionals require strong technical, analytical, communication and consulting skills with knowledge of IT Security and related technologies. Security certifications (i.e., Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manage (CISM), Global Information Assurance Certification (GIAC) and/or other certifications) may be required.

KEY RESPONSIBILITIES:

Policies, Procedures & Standards:

  • Proposes improvements and assists in the implementation of enterprise-wide security policies, procedures and standards.

  • Monitors compliance with security policies, standards, guidelines and procedures.

  • Ensures security compliance with legal and regulatory standards.

Business Requirements:

  • Participates with the project team to gather a full understanding of project scope and business requirements.

  • Maintains awareness of current business processes and their security risks.

Risk Assessments:

  • Assists in business impact analysis to ensure resources are adequately protected with proper security measures.

  • Follows up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.

  • Runs security analysis reports using commercial tools or custom scripts and documents gaps.

Information/Data Security:

  • Checks existing accounts and data access permission requests against documented authorizations.

  • Develops and delivers security awareness programs.

Security Audits:

  • Assists in security audits.

  • Inspects security logs to uncover possible security violations (e.g., break-ins, unauthorized activity).

  • Checks existing accounts and data access permission requests against documented authorizations.

Security Support:

  • Provides security support to ensure that security issues are addressed throughout the project life cycle.

  • Provides responsive support for problems found during normal working hours as well as outside normal working hours.

  • Resolves problems and assists with security incident handling.

  • Responds to security incidents and assists in forensic investigations.

  • Works with teams to resolve issues that are uncovered by various internal and 3rd party monitoring tools.

Business Continuity/Disaster Recovery:

  • Assists in the development and implementation of disaster recovery test plans.

  • Participates in recovery drills.

Security Performance Management:

  • Gathers and tracks security metrics, develops reports.

Communications/Consulting:

  • Provides updates and status of issues to business and IT staff.

KNOWLEDGE, SKILLS & ABILITITES:

  • Master’s Degree in Business Administration or other related field, or equivalent work experience.

  • Typically requires 1-2 years of IT work experience, specifically in an identity and access management-related role.

  • Recommend CISA certification.

  • Effective in written and verbal communication in English.

Preferred:

  • Identity and access management vendor product offerings and capabilities.

  • Identity and access management methodologies and frameworks.

  • Internship or prior Information Security work experience in World Vision International.

Work Environment/Travel:

  • The position requires ability and willingness to travel domestically and internationally up to 25% of the time.