Information Security Analyst

Description:

The Information Security Analyst-1 performs three core functions for TEKsystems Global Services (TEK GS) out of Hanover, MD location. The first is the identification, investigation and resolution of data security incidents that are caused at our clients by our consultants (these are usually carried out through abusing access rights, theft of data and mishandling physical devices.) The second is the prevention of breaches and mitigating the insider threat risk that may include involvement in the implementation of new security solutions and training for our consultants, participation in the creation and or maintenance of certifications, policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments as they relate to the consultant/client environment and in accordance with changes in local or federal law. The third is participation in the day-to-day operations of data security language review and creation within contracts, request for proposals and master service agreements. The role is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals.

These functions will be done under the direction of the TEKsystems Information Security Business Officer (ISBO) and in coordination with one or more other Information Security Analysts within TEK.

Responsibilities

Responsibilities:

Operational Management

Assist in investigations and be the point person regarding security incidents involving consultants and clients. This will involve interacting with executive TEK leadership as well as executive leadership at the client as needed.
Provide assistance in the development and communicate data security incident details to TEK leadership, staff, partners, clients and stakeholders.
Review all training related materials regarding information security to evaluate in terms of best practices for c
Work with all individuals involved in educating and utilizing the formalized Incident Security Response process.
Participate in contract review/negotiations on information security with TEK departments. Provide training and guidance in conjunction with the legal department on these topics periodically.
Act as advocate and primary liaison for TEK’s security vision relating to consultants and clients via regular written and in-person communications with executives, leadership and end users.
Coordinate associated security activities with contractor on-boarding as well as end of assignment/de-provisioning steps.
Assist in tracking effort solution regarding a semi-automated data security training audit.

Deployment

Partner with TGS and ensure the security scope is accurate for the all solutions deployed by TGS and that the solution is effective such as secure file transfer, ISO 27001 and/or SSAE16 certification and information security training for certain contractors and internal employees.
Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
Collaborate with Allegis Group IS leadership and human resources to establish and maintain a system for ensuring that security and privacy policies are met.

Strategy & Planning

Promote and oversee strategic security relationships between TEK and clients, including government and commercial clients.
Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the TEK Information Security Business Officer (ISBO).
Participate in the planning and design of localized Business Continuity Plans under the direction of the ISBO.
Participate as a member of the TEK security team in governance processes of the organization’s security strategies.
In conjunction with Allegis Group IS and independently as needed, provide resolution to security problems in a cost-effective manner.
Assist in developing, implementing, and maintaining the enforcement of policies, procedures and associated plans for system security administration and user system access based on industry-standard best practices.
Remain informed on trends and issues in the security industry, including current and emerging technologies. Advise local leadership teams and consultants on their relative importance and financial impact.

Qualifications

Position Requirements

Formal Education & Certification

Bachelor’s degree in the field of information services, information technology, information systems or business administration or actively pursuing.
Certifications such as ITILv3 and security-related preferred but not required.

Knowledge & Experience

1 year or greater experience working in the IS industry, preferably security operations.
Ability to respond to incidents, perform analysis tasks, and communicate effectively with your constituency and other external contacts.
Competent problem solver, must easily adapt to change and be effective in daily activities
Proven experience in planning, organizing and developing IS security and facility security system technologies.
Experience in planning and executing security policies and standards development.
Excellent knowledge of technology environments, including information security, building security and defense solutions.
Detailed knowledge of technology efforts regarding IS internal controls, risk management, information security, legal, contractual and litigation concerns, especially as they relate to current Federal Rules of Civil Procedure (FRCP) regarding electronically stored data and e-discovery.
Substantial exposure and broad understanding of security hardware platforms, enterprise software applications and outsourced systems.
Good understanding of computer systems characteristics, features and integration capabilities.
Basic understanding of project management principles.
Demonstrated ability to apply IS in solving security problems.
Basic knowledge of applicable laws and regulations as they relate to security.

Personal Attributes

Ability to set and manage priorities judiciously and independently.
Ability to travel 20-30% (primarily domestically) with short notice
Excellent written and oral communication skills.
Excellent interpersonal skills.
Strong negotiating skills.
Ability to present ideas in business-friendly and user-friendly language.
Exceptionally self-motivated and directed.
Keen attention to detail.
Superior analytical, evaluative and problem-solving abilities.
Exceptional service orientation.
Ability to motivate in a team-oriented, collaborative environment.
Ability to understand and align with TEKsystems’ core values: Relationships, Commitment, Open Communication and Serving Others.

Comprehensive Benefits Package:

Employees receive a competitive base salary, commission, and an exceptional benefits package including a 401(k) company matched retirement savings plan, parental leave and vacation, personal and holiday pay.

Medical – BlueCross BlueShield Preferred Provider Organization (PPO) with a Health Savings Account (HSA)
Dental – MetLife
Vision – Vision Service Plan (VSP)
Insurance – Life and Accidental Death & Dismemberment (AD&D)

Additional benefits include: