Information Security Analyst

A Global Enterprise company we are working with is looking for an Information Security Analyst. This person is a professional responsible for ensuring the security of an organization's information systems and data within the context of GEI. Their primary role is to identify, analyze, and mitigate security risks and threats to protect the confidentiality, integrity, and availability of information assets.
Role and Responsibilities:

1. Conduct regular assessments of the organization's information systems, networks, and applications to identify vulnerabilities, weaknesses, and potential security risks.
2. Develop and implement security measures, policies, procedures, and standards to safeguard the organization's information assets and ensure compliance with relevant regulations and industry best practices.
3. Monitor and analyze security logs, alerts, and incidents to detect and respond to security breaches, intrusions, and unauthorized access attempts.
4. Investigate security incidents and perform root cause analysis to determine the impact, extent of damage, and necessary remediation steps.
5. Perform regular security audits and risk assessments to evaluate the effectiveness of existing security controls and identify areas for improvement.
6. Participate in incident response activities, including incident handling, containment, eradication, and recovery.
7. Contribute to the development and maintenance of disaster recovery and business continuity plans, ensuring the availability and resilience of critical systems and data.
8. Assist in conducting internal and external security audits and regulatory compliance assessments.

Required Skills and Qualifications:

1. Bachelor's degree in Computer Science, Information Technology, or a related field. Relevant certifications (e.g., CISSP, CISM, CEH) are highly desirable.
2. Proven experience in information security roles, preferably in large enterprise environments.
3. In-depth knowledge of information security principles, concepts, standards, and best practices, such as ISO 27001, NIST Cybersecurity Framework, and CIS Controls.
4. Strong understanding of networking protocols, architectures, and infrastructure components.
5. Familiarity with security technologies, including firewalls, intrusion detection/prevention systems, antivirus/anti-malware solutions, data loss prevention, and identity and access management systems.
6. Experience in security incident response, including incident investigation, containment, eradication, and recovery.
7. Proficiency in security assessment tools and techniques, vulnerability scanning, and penetration testing.

Applicants must be currently authorized to work in the US on a full-time basis now and in the future.