American Red Cross
Telecommute – DC, VA, SC, MD, NC
Title:Information Security Analyst 3 (remote work)
Location: United States
This position will primarily work virtually work from a home-office with occasional in-person meetings.
We are actively seeking an experienced information security analyst to join our Security Governance team. In this role, you will collaborate with business and technical project teams to provide security expertise in the design and implementation of new applications and consult with vendors, developers, legal, auditors and personnel within the organization to maintain organization security compliance. This will also require that you assess potential risks that may arise as different solution options are explored to ensure that we are meeting the needs of the business, that policies are set up appropriately and that these solutions will work effectively within our technical environment. This position will report directly to the Director of Security Governance.
Manage Data Loss Prevention configuration, reporting and security awareness.
Manage vulnerability and enterprise patch management to reduce business risk on operating systems, databases, code development, applications and infrastructure.
Collaborate with cross-functional project teams to define application security requirements and security architecture.
Facilitate data classification exercises with application owners.
Ensure new applications are in alignment with policy, regulatory, and business requirements and systems are implemented in a secure manner.
Evaluate exceptions to determine if compensating controls provide adequate protection of data.
Assess 3rd party solution providers for compliance with security policies and controls requirements.
Collaborate with legal and supply chain offices to review contracts.
Collaborate with the Security Operations and IT infrastructure teams to consider application integrations and impacts.
At least 3 years of demonstrated experience in information technology and information security required.
A Bachelor’s degree in an IT or related discipline required; experience may substitute for education.
Information security certification, such as CISSP, CISM, CISA, or GSEC a plus.
Security consulting experience is highly desirable.
Effective communication skills, both written and verbal, required.
Should have a clear understanding of commercial best-practices and ISO security standards.
Project management experience required.
Experience balancing risk management and business drivers is essential.
Must be highly organized and capable of prioritizing workloads.
Must be experienced in developing and presenting solution recommendations.
Computer & IT , Computer Security , Project Management , Analyst
DC, VA, SC, MD, NC