Logo
C4 Technical Services

Information Security Analyst - Remote x

C4 Technical Services, Eagan, Minnesota


Information Security Analyst Remote Summary: The main function of a Information Security Analyst is to plan, coordinate, and implement security measures for information systems to regulate access to computer data files and prevent unauthorized modification, destruction or disclosure of information. A typical Information Security Analyst is responsible for planning, coordinating and implementing security measures to safeguard the computer database. Job Responsibilities: Identify security issues and risks, and develop mitigation plans Architect, design, implement, support, and evaluate security-focused tools and services including project leadership roles Develop and interpret security policies and procedures Participate in security compliance efforts Develop and deliver training materials and perform general security awareness and specific security technology training Evaluate and recommend new and emerging security products and technologies Qualifications: Bachelor's degree in a technical field such as computer science, computer engineering or related field required 8-10 years experience required Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security Consistent implementation of security solutions Experience in infrastructure or application-level vulnerability testing and auditing Summary: The Risk & Controls Analyst is responsible for executing processes that ensures IT's compliance with regulatory, industry and client security requirements. This role is responsible for working with cross-functional teams on the day-to-day operational activities needed to support the Security Governance Risk and Compliance program. A typical Information Security Analyst is responsible for: • Conduct and lead vendor and system risk assessments, coordinate and finalize responses to client RFP and assessment requests, review information security language for client and vendor contracts and modify when required • Review evidence and verify that controls are designed and operating effectively and comply with security requirements to HITRUST, SOC 2, HIPAA, and client contracts • Assist in the development and implementation of reporting processes and metrics that monitor risk and controls status • Work with IT and auditors to develop and validate audit scope, action plans and remediation • Other duties as assigned DICE kgohmannc4techservices.com cclausenc4techservices.com