Job Summary ROLE AND RESPONSIBILITIES
The Security Analyst is responsible for maintaining, improving, and monitoring the security environment by understanding generally accepted security and risk principles and applying this knowledge to the existing environment and processes.
Duties / Responsibilities The Security Analyst will be assigned to a region and is expected to understand all of the data security and privacy policies, procedures and the overall architecture as they apply to the region.
The Security Analyst coordinates with the Operations and Information Technology organizations to ensure compliance with corporate security policies, processes and procedures and is responsible for the implementation of security best practices, client requirements, regulatory and global security requirements.
The successful candidate will coordinate projects by developing the security risk requirements and acting as the security point of contact for both internal groups and external clients.
In this role, the Security Analyst will define security frameworks, communicate security concepts, policies, standards, procedures, and provide ongoing support.
The successful candidate will have a firm understanding of risk management principles and is able to easily articulate that understanding while helping others to improve.
Is willing to actively seek opportunities to develop new approaches to meet new goals. Grasps and applies advanced concepts.
Stays abreast of new tools, technologies, and techniques, and implements them as solutions to business and technical problems.
The Senior Security Analyst is expected to be able to mentor and provide leadership to others on the team.
Responsibilities also include :
Align current business processes with client requirements and external security standards / obligations such as Visa PCI DSS, ISO27001 and ISO27002, HIPAA, BITS, etc.
Identifying and remedying security deficiencies and gaps with business suitable controls
Works with global security team in the creation of policies, procedures, or guidelines to ensure the security and privacy of information and computer systems for Teleperformance.
Review Statements of Work, Master Service Agreements, and other contracts for security obligations and identify areas of exposure
Serve as liaison between operations and management to maximize the adoption of and support for security plans and procedures within the organization.
Recommend physical security controls and processes
Serve as primary liaison between the organization's clients and security auditors, concerning information security and privacy incidents, laws, and policies.
Conduct Risk Assessment including but not limited to Fraud Risk Assessment
Identify and lead the appropriate subject matter experts to participate in the identification and analysis of risk scenarios
Participate in BCP / DR related activities
Will be called upon to provide innovative risk management solutions
Completes all special projects and other duties as assigned. Qualifications : QUALIFICATIONS AND EDUCATION REQUIREMENTS
A Bachelor's degree in computer science, engineering or a related discipline, or the equivalent combination of education, technical training or work / military experience.
5+ years of Information Security / Risk Management experience
Experience with regulatory requirements including but not limited to PCI-DSS, ISO2700, HIPAA, etc.
Advanced knowledge and Work experience in Risk Management or related fields such as Audit, IT Security, or Business Continuity, however other IT disciplines are eligible
Technical knowledge to understand detailed issues around business continuity, security, and overall risk in IT. Able to have enough expertise to drive a solution and solve issues, addressing risk.
Experience in a regulated (financial, pharmaceutical, health care, etc.) industry is highly desired.
One or more of the following certifications is highly preferred : CEH, CISSP, CRISC, CISA, ECSA, CHFI, CFE, MCSE, CCNA, CCNP