Virtual
Senior Information Security Analyst
Virtual, Columbus, Ohio, United States, 43224
Hybrid-
3 days onsite in Columbus, OH
Reports to:
Information Security Officer
Salary:
$85,000 - $105,000
Responsibilities:
Lead the design, implementation, and maintenance of data loss prevention (DLP) solutions to protect sensitive data from unauthorized access, exfiltration, and leakage.
Develop and deploy fraud detection mechanisms and tools to identify and mitigate fraudulent activities across systems and applications.
Design and implement controls and monitoring mechanisms to detect and respond to insider threats, including unauthorized access and data misuse.
Conduct thorough risk assessments and threat modeling exercises to identify potential vulnerabilities and develop strategies for mitigation.
Collaborate with Information Technology teams to integrate DLP, fraud detection, and insider monitoring capabilities into existing systems and workflows.
Monitor security logs and alerts for suspicious activities related to data loss, fraud, and insider threats, and take appropriate action to investigate and respond.
Stay abreast of emerging threats, vulnerabilities, and trends related to data security, fraud, and insider threats, and recommend proactive measures to mitigate risks.
Participate in incident response activities, including forensic analysis, root cause identification, and remediation planning for security incidents related to data loss, fraud, and insider threats.
Collaborate with internal audit to ensure adherence to regulatory requirements and industry standards related to data protection, fraud prevention, and insider threat mitigation.
Maintain a service-oriented mindset while delivering requirements on time.
Comply with all security policies and procedures, to ensure that the highest level of system and data confidentiality, integrity and availability is maintained.
Participate in business continuity planning and execution.
Provide after-hours support for daily business needs as needed.
Other responsibilities as assigned.
Qualifications:
Bachelor's degree (B.S.) in computer science or related field;
4-7 years of experience in information security roles, with a focus on data loss prevention, fraud detection, and insider threat mitigation.
Strong understanding of DLP technologies, including content inspection, data classification, and data encryption.
Experience with fraud detection techniques and tools, such as anomaly detection, machine learning, and behavioral analytics.
Understanding of insider threat monitoring and detection mechanisms, including user behavior analytics and privilege access management.
Knowledge of regulatory requirements and industry standards related to data protection, fraud prevention, and insider threat mitigation.
Excellent analytical and problem-solving skills, with attention to detail and the ability to think critically under pressure.
Strong communication and interpersonal skills, with the ability to effectively convey complex technical concepts to non-technical stakeholders.
Relevant industry certifications are highly desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Global Information Assurance Certification (GIAC), etc.
Experience with security tools and technologies, such as SIEM, data classification, data protection, endpoint detection and response, is a plus.
Equivalent combination of education, skills, and experience
3 days onsite in Columbus, OH
Reports to:
Information Security Officer
Salary:
$85,000 - $105,000
Responsibilities:
Lead the design, implementation, and maintenance of data loss prevention (DLP) solutions to protect sensitive data from unauthorized access, exfiltration, and leakage.
Develop and deploy fraud detection mechanisms and tools to identify and mitigate fraudulent activities across systems and applications.
Design and implement controls and monitoring mechanisms to detect and respond to insider threats, including unauthorized access and data misuse.
Conduct thorough risk assessments and threat modeling exercises to identify potential vulnerabilities and develop strategies for mitigation.
Collaborate with Information Technology teams to integrate DLP, fraud detection, and insider monitoring capabilities into existing systems and workflows.
Monitor security logs and alerts for suspicious activities related to data loss, fraud, and insider threats, and take appropriate action to investigate and respond.
Stay abreast of emerging threats, vulnerabilities, and trends related to data security, fraud, and insider threats, and recommend proactive measures to mitigate risks.
Participate in incident response activities, including forensic analysis, root cause identification, and remediation planning for security incidents related to data loss, fraud, and insider threats.
Collaborate with internal audit to ensure adherence to regulatory requirements and industry standards related to data protection, fraud prevention, and insider threat mitigation.
Maintain a service-oriented mindset while delivering requirements on time.
Comply with all security policies and procedures, to ensure that the highest level of system and data confidentiality, integrity and availability is maintained.
Participate in business continuity planning and execution.
Provide after-hours support for daily business needs as needed.
Other responsibilities as assigned.
Qualifications:
Bachelor's degree (B.S.) in computer science or related field;
4-7 years of experience in information security roles, with a focus on data loss prevention, fraud detection, and insider threat mitigation.
Strong understanding of DLP technologies, including content inspection, data classification, and data encryption.
Experience with fraud detection techniques and tools, such as anomaly detection, machine learning, and behavioral analytics.
Understanding of insider threat monitoring and detection mechanisms, including user behavior analytics and privilege access management.
Knowledge of regulatory requirements and industry standards related to data protection, fraud prevention, and insider threat mitigation.
Excellent analytical and problem-solving skills, with attention to detail and the ability to think critically under pressure.
Strong communication and interpersonal skills, with the ability to effectively convey complex technical concepts to non-technical stakeholders.
Relevant industry certifications are highly desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Global Information Assurance Certification (GIAC), etc.
Experience with security tools and technologies, such as SIEM, data classification, data protection, endpoint detection and response, is a plus.
Equivalent combination of education, skills, and experience