Security Analyst Position Available In DeKalb, Georgia

Responsible for analyzing the information security environment and assisting with the development of security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure. Work with management, development personnel, risk staff, auditors, facilities, and security department personnel to identify and implement security plans to ensure that all information assets are appropriately safeguarded, including the following:, software applications, hardware, telecommunications, and computer installations. Determine methods of implementing and enforcing security policies. Responsible for maintaining a high level of user trust and confidence in the groups knowledge of and concern for security of systems, while working on multiple network security projects. Essential Responsibilities•:

Lead development of information security technology tasks and projects.

Ability to communicate with all levels of management.

Generate, coordinate, and maintain of project plans.

Develops cost analysis estimates for information security tasks and projects.

Keep project plans updated as required.

Interact with customers as required by project objectives.

Understanding of business process as it relates to information security.

Define, redesign, and document security processes and procedures.

Coordinate the development and delivery of awareness for information security.

Work with resource owners to determine appropriate security policies for securable resources.

Consult with IT staff to evaluate, select, install, and configure hardware and software systems that provide appropriate security functions.

Assist resource owners in understanding and responding to security failures/problems.

Assist in determining cause of security related events and identify potential security related events.

Communicate to appropriate personnel on normal and exception processing of security authorization requests and/or breaches.

Assist with documentation of security policies; maintain resource classification, may be required to present on security status, project status, and security training to management and IT personnel as needed.

Assist in proactively protecting the integrity, confidentiality, and availability of information in the custody of or processed by the company.

Consult with business units to ensure selection and use of realistic enforcement mechanisms.

Aid in review of security policies and auditing of logs.

Assist in developing and maintaining effective disaster recovery plans, processes, and procedures.

Assist inResearch, evaluate, design, test, recommend, and plan implementation of new or improved information security research, evaluate, design, test, recommend, and plan implementation of new or improved information security technology.

Train information owners in the implementation of necessary computer security controls.•May perform other duties as assigned.

Quals–Top 5 must have skillsets:

Experienced security 3rd party risk analyst who knows general security practices.

Conduct applicable due diligence to onboard new vendors into the vendor management system and set appropriate review requirements based on the vendor risk rating and program guidelines.

Has worked with 3rd party tools on submitting and receiving security questionnaires, and the ability to assess the responses.

Experience speaking with vendors to gain more insights.

Ability to handle pressure and urgent requests.2-6 years experience required. What you need to succeed (minimum qualifications):5 or more years of experience with information technology security programs, audits, controls and/or third-party risk managementAbility to identify and assess IT security controls against Company policies and standards and Federal/State Regulatory requirements and identify and communicate gapsExceptional written and verbal communication skillsAdvanced computer skills including Microsoft Office suit and other business-related software programsAbility to effectively manage time and productivity with competing priorities in a rapidly changing, fast-paced, interactive, results-based team environmentProven analytical / problem solving skills and ability to work with cross-functional teamsHigh School diploma, GED or High School Equivalency.

Embraces diverse people, thinking and styles.

Consistently makes safety and security, of self and others, the priority.

What will give you a competitive edge (preferred qualifications):

Bachelors Degree or 5 plus years of relevant experience in Computer Science, Mathematics, Engineering, Information Systems, Management Information Systems or Information SecurityKey industry certifications such as CISA, CISM, CISSP, CRISC, etc.

Knowledge of industry standard frameworks such as NIST Cybersecurity Framework, ISO 27001, NIST 800-30, etc.

Familiarity with third party information security attestations/certifications such as

SOC I/II

reports, ISO, PCI-DSS, SOX.Comprehensive knowledge of third-party risk concepts, methodologies, governance structures and experience in managing risk and performing vendor risk assessmentsExperience across Information Security domains such as governance and compliance, incident response, identity and access management, penetration testing, or e-discovery and forensicsExperience across IT domains such as application development, infrastructure, technical support and operations, cloud technologies and/or continuity of businessExperience with RSA Archer.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. NLB is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, contact HR department by sending an e-mail to notifications@nlbservices.com.