IT Security Analyst IV responsible for identifying, analyzing, and managing information security incidents. Requires 7+ years of experience in IT, 3+ years in problem management, and 3+ years in information security. Key requirements include excellent communication skills, ability to present complex technical issues, and knowledge of security principles.
Key Highlights
Key Responsibilities
Technical Skills Required
Benefits & Perks
Nice to Have
Job Description
Title: IT Security Analyst IV
100% Remote
Long Term Contract On C2C
Job Description:
Responsibilities:
- Primarily responsible for the identification, analysis, and management of underlying causes of information security incidents, acting as the focal point leading problem management efforts and ensuring effective actions are taken to prevent recurrence
- Supports the transition from incident response to structured problem management, in coordination with WK global security operations, driving root cause analysis (RCA) for significant or recurring security incidents
- Contributes to the analysis and delivery of findings to internal customers with impactful, comparative, interpretative security analysis in a clear, consistent, and factual manner, with a focus on long-term risk reduction
- Responsible for establishing communications bridges and meetings in support of problem investigation and remediation efforts
- Responsible for maintaining proper group focus during problem analysis activities and redirecting efforts in support of timely identification of root cause and permanent resolution
- Responsible for aggregating information relevant to security incidents and associated trends, synthesizing probable root causes, systemic issues, and control gaps
- Responsible for developing and recommending the best course of action based on solid security principles, focusing on permanent fixes and prevention of recurrence
- Drives the problem management process from identification through root cause determination, known error documentation, and implementation of permanent corrective actions
- Accountable for documenting all WK and partner activity related to problem investigations, root cause findings, and remediation actions
- Responsible for ensuring appropriate post-incident (post-mortem) and lessons-learned sessions are conducted, with emphasis on identifying root causes and preventive controls following restoration of service
- Responsible for organizing and taking part in cross-functional problem review and incident exercise activities, ensuring that policy and procedure are followed and continuously improved
- Responsible for ensuring knowledge of IT security, emerging threat scenarios, and industry best practices in problem management is current
- Responsible for ensuring information arising from problem management activities, including required configuration changes or control enhancements, is communicated to the proper operational contacts for execution
- Accountable for establishing and maturing the Security Problem Management capability, ensuring alignment with ITIL best practices and integration across Security Operations, Engineering, and Enterprise IT functions
- Drives strategic reduction of security risk by identifying systemic control gaps and ensuring sustainable remediation across technologies, platforms, and business units
- Leads the development and governance of problem management KPIs and KRIs, including reduction in recurring incidents, time to root cause, and time to permanent fix, and reports progress to senior leadership
- Establishes and chairs a cross-functional Security Problem Review Board, ensuring prioritization, accountability, and executive visibility for high-risk and systemic security issues
- Partners with senior stakeholders across business units, technology teams, and third-party providers to drive accountability for remediation activities and ensure alignment with enterprise risk tolerance
- Influences and informs security strategy by translating problem management findings into actionable improvements to security architecture, controls, and operational processes
- Ensures alignment with enterprise risk management, audit, and compliance requirements, supporting frameworks such as NIST, ISO, and internal WK governance standards
- Drives continuous improvement across the incident and problem management lifecycle, identifying opportunities for automation, tooling enhancements, and process optimization
- Provides leadership and mentorship to analysts and team members engaged in problem analysis activities, fostering a culture of accountability, analytical rigor, and continuous learning
- Acts as an escalation point for high-impact or complex security problems, ensuring appropriate prioritization, executive communication, and timely resolution
Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.
Bachelor's Degree in Computer Science/MIS or equivalent experience
- 7+ years of total experience in Information Technology
- 3+ years in an information problem management role
- 3+ years of professional experience in an information security function, including analyzing and applying information security risk management, and privacy practices
- Flexible working hours to support a global operation
- Required Interpersonal Skills
- Excellent oral and written communication ability
- Ability to present complex technical issues and findings to diverse audiences in both technical and non-technical parlance, both orally and in writing
- Diplomacy in working with customers and stakeholders
- Ability to follow policy and procedure
- Ability to work in a team and at times perform under stress
- Demonstrate integrity in dealing with potentially sensitive data and restricted information
- Exceptionally self-motivated with a superior analytical, evaluative, and problem-solving abilities
- Ability to set and manage priorities judiciously
Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.
Required Technical Skills:
- Knowledge of basic security principles to include confidentiality, integrity, and availability; access control, authentication, and authorization; privacy and non-repudiation
- Understanding of security vulnerabilities and exposures, and from where they arise
- Familiarity with the Internet, its network protocols, and network applications and services
- Knowledge of network security issues and host/system security issues
- Understanding of malicious code of various types and various threat vectors
- Experience with Risk Analysis and Risk Management
- Basic understanding of programming and scripting, advanced knowledge a plus
- Required Incident Handling Skills
- Through good communication and documentation, presents a consistent front to customers and stakeholders
- Ability to synthesize data from technical skills listed above to understand and identify intruder techniques
- Ability to utilize interpersonal skills listed above to communicate with customers and stakeholders and bring quick resolution
- Demonstrated ability to analyze ongoing situations for the potential of a security incident
- Ability to maintain incident records in support of WK recovery, regulatory and legal requirements
- Familiar with ITIL service management methodology.
- Prior experience in a 24x7x365 operations environment.
- Experience with ServiceNow and reporting a plus
- Experience with Pagerduty/Xmatters a plus
- Strong technical skills in security assessments of external service providers, providing security guidance, and participating in mock security breach exercises
- Experience with GDPR and GDPR compliance implementations
- Experience and/or SME knowledge of the ISO 27001, NIST 800-53, NIST CSF and PCI DSS.
Preferred certifications:
:CISSP, ITIL, GCIH, CERT/CC CSIH, GCTI
Similar Jobs
Explore other opportunities that match your interests