Information Security Analyst
Job Purpose / Description:
This position will be responsible for assisting in the engineering of the application connectivity through Security Operations (SECOPS) managed firewalls, the creation and management of the documentation for the connectivity in the Company Connectivity Registry (CCR), representing the registered connectivity for approval on the Third Party Access Solutions Working Group (3PASWG) Weekly Call, and reviewing the Firewall Change Request for accuracy and compliance to support all third party connectivity. They will ensure third parties are registered in CASP (Company Approved Service Providers) database and the requested applications are listed in the Company Systems Inventory (CSI) or Company Technology Catalog (CTC). They will confirm network connectivity by accessing network equipment and confirm configurations and status. They will work with client organizations, Helpdesk and other CT groups to ensure all firewall and ACL related troubles are corrected and documented in a timely manner. They must possess the ability to document any new policies and/or procedures into the appropriate format. They will work with other group members to ensure that the Process Control Management documentation and other documentations (drawings, databases, spreadsheets, etc.) are up to date and accurate.
Job Responsibilities:
As a member of External Connectivity Security Team (ECS) you will:
Process Firewall, Proxy, RAS requests and perform risk assessments to ensure that the connectivity is compliant with Company Information Security Standards and IS Policies.
Provide Information Security oversight and guidance to Company businesses requiring 3rd party connectivity as it relates to Company Information Security Standards and IS Policies.
Liaise with multiple technology teams (i.e. CATE Network Engineering; Proxy OPs and Integration; Perimeter Security Ops; System Based Computing; Remote Access Services and Business Information Security Officers); to facilitate cross functional solutions as it relates to 3rd party connectivity aligning with Company Information Security Standards.
Modality solutions include (but not limited to) RAS, B2B, Firewall; Proxy; and TPA solutions.
Test and pilot system enhancements/changes and/or other.
Complete all tasks – having connection with the organization’s activity but not detailed in the JDs – charged by the manager or superior.
Identify and develop new and improved technical procedures and process control manuals
Identify significant IS threats and vulnerabilities as it relates to connectivity requests.
Assume informal/formal mentorship role within teams and assist with the coaching and training of new team members
Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Company, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, […]