Senior Information Security Analyst

DEPARTMENT: IT – Information Security 

JOB TITLE: Information Security (InfoSec) Analyst 

JOB CODE: ISA

REPORTS TO: Sr. Manager of Cybersecurity and Service Desk

FLSA STATUS: Exempt

EMPLOYMENT TYPE: Full-Time

JOB PURPOSE: 

This role at Arbitration Forums is as unique as it is rewarding because of the AF IPAAL Values (Integrity, Passion, Accountability, Achievement, Leadership) and TRI Model (Trust, Respect, Inclusion).   

The InfoSec Analyst serves as a dependable resource for a variety of security monitoring and control systems. This position takes the lead on daily operational security activities at Arbitration Forums, Inc. (AF) and will support the implementation of new security controls as well as improve existing security controls during project assessment and implementation. In this position, the InfoSec Analyst consults with individuals in the InfoSec team and others throughout the organization on strategies to improve security controls and assist with key security compliance initiatives.

The InfoSec Analyst participates in developing, coordinating, implementing, and maintaining standards and procedures to protect the security and integrity of information systems and data. This position will collaborate with the Sr. InfoSec Analysts and department manager to conquer InfoSec challenges that improve AF’s operational security.

DEPARTMENTAL EXPECTATION OF EMPLOYEE 

• Adheres to AF Policy and Procedures and the AF IPAAL Values and TRI Model  


• Acts as a role model within and outside AF. 


• Performs duties as workload necessitates.  


• Maintains a positive and respectful attitude.        


• Communicates regularly with the departmental leader about department issues.  


• Demonstrates flexible and efficient time management and ability to prioritize workload.  


• Consistently reports to work on time, prepared to perform duties of the position.  


• Meets Department productivity standards. 

 ESSENTIAL DUTIES AND RESPONSIBILITIES 

• Conduct, support, and report on risks associated with AF’s information systems through careful analysis and systems review


• Monitor events and alerts generated by information security controls and monitoring systems, access and privileges management, and asset management tools to recommend changes to mitigate risk and meet industry and company best practices and standards


• Coordinate, perform, and review vulnerability scan results on internal and external information systems and share results via ticket tracking with operations and compliance teams as needed


• Identify, monitor and report on the progress of the deployment of patches


• Support the different operation teams in selection of information security controls and assist with information system controls assessment process prior to release into production


• Review and provide edits to AF policies, procedures and security framework


• Generate and prepare reports associated with the performance of information security controls including cyber security assessments and security profiles


• Participate in the investigation and documentation of security-related events


• Foster a culture of compliance by assisting in security awareness trainings


• Handle member security related requests


• Provide input for decision-makers on issues affecting the security of the organization 

ADDITIONAL DUTIES AND RESPONSIBILITIES 

• Provide backup support to Service Desk as needed


• Accomplishes all tasks as appropriate.

 QUALIFICATIONS 

• Practical, well-balanced and positive person with high standards and professional demeanor


• Creative and innovative person that can help devise solutions to prevent hackers from intrusion and stealing critical information or creating problems for our information systems


• Well-organized and self-directed 


• Works well with multiple teams 


• Intelligent and articulate individual who can relate to people at all levels of an organization and possesses excellent communication skills


• A good educator who is trustworthy and willing to share information and serve as a mentor. 


• A decisive individual who possesses a "big picture" perspective and is well versed in systems. 


• Demonstrate experience identifying potential security risks and must be able to develop action plans and carry them out quickly and effectively to mitigate risk. 

Required Qualifications

• 4+ years of progressive experience in information technology or information security


• Bachelor's degree in information technology or related field


• Certified in Security+, SSCP, CISA, CISM, or CISSP (Manager may elect to evaluate experience of candidates in other IT-related job fields in place of specific InfoSec experience, education, or certification)

Language Skills 

• Ability to read, analyze, and interpret complex technical documents. 


• Ability to respond effectively to sensitive inquiries or complaints. 


• Ability to write assessments and profile reports and articles in lay person style. 


• Ability to make persuasive presentations on complex topics to top management. 

Reasoning Ability: 

• Ability to apply principles of logical or scientific thinking to a wide range of intellectual and practical problems.


• Ability to deal with nonverbal symbolism (Formulas, scientific equations, graphs, etc.,) in its most difficult phases.


• Ability to deal with a variety of abstract and concrete variables. 


• Must be able to develop action plans and carry them out quickly and effectively. 


• Ability to prioritize and thrive in a fast-paced, changing environment

AMERICANS WITH DISABILITY SPECIFICATIONS 

PHYSICAL DEMANDS 

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. 

While performing the duties of this job, the employee is occasionally required to stand; walk; sit; use hands to finger, handle, or feel objects, tools or controls; reach with hands and arms; climb stairs; balance; stoop, kneel, crouch or crawl; talk or hear; taste or smell. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by the job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus. 

WORK ENVIRONMENT 

This is a fully remote position requiring reliable high-speed internet access and a dedicated workspace.

Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.