The Information Security Analyst provides a critical support function as a member of the Global Security team in ensuring that Sitel’s Information Security program, policies and procedures are implemented consistently.
The analyst is expected to be a subject matter expert on various Security regulatory standards such as the Payment Card Industry (PCI) Data Security Standard, HIPAA, SSAE 16.
This position is focused on relationship with internal customers and stakeholders with issues regarding logical access and entitlement management, role management, as well as creating and fostering a robust control environment in accordance with regulatory requirements.
This position will support external, internal, regulator audit requests for information and manages access related compliance efforts for Sitel.
This position is analytical, and requires extensive knowledge and experience in information / IT security.
SUMMARY OF KEY RESPONSIBILITIES : (not limited to)
Serve as a key member of the Global Security Team by supporting ongoing compliance activities and monitoring efforts across different Regulations and GRC Standards (SOX, HIPAA, PCI, others) as applicable
Coordinate and administer access reviews and related activities across global cross-functional stakeholders
Perform and track control monitoring efforts and related process improvement or remediation activities
Utilize the Proteus GRC tool to facilitate day-to-day monitoring and compliance checks
Perform planned or ad-hoc assessments as needed
Update and maintain reporting metrics and dashboards as needed
Identifies control gaps and may assist in remediation
May develop, implement program procedures and policies, oversee program service levels and enhancements; provide technical advice
Other duties as assigned
BASIC QUALIFICATIONS :
Bachelor's degree in Information Technology, Computer Science preferred
CISSP, CISA, Security+ Certification preferred
A second language would be an advantage
Superb ability to represent data in graphical form
Proven documentation skills, including proficiency with the documentation and documentation maintenance for process work flow diagrams
Working knowledge of access and identity management concepts and processes, including the concept of roles and individual access, approvals, access certification reviews, etc.
Working knowledge of various platforms and how provisioning works on each including but not limited to UNIX, Oracle database, Postgres, Windows / Active Directory, etc
Understands the basics of information Security controls, particularly in the context of regulatory compliance requirements (PCI, GLBA, SOX, SSAE 16, ISO 27001, 22301)
Works independently with very limited supervision with ability to follow through on project completion, juggling multiple priorities, and knowledge of when to escalate appropriately
Strong work ethic; willingness to work additional hours to meet business need and coordinate with colleagues globally
Must work well in a dynamic team that is geographically dispersed.
Ingenuity, creativity, motivation, and self starter attitude required.
Job Segment : Information Security, Oracle, Database, Computer Science, Technology, Security