Skip navigation
Information Security Analyst

Information Security Analyst

Job Description

Category:   Information Systems

Date Posted:   7/8/2014

The Information Security Analyst is responsible for the definition, planning, and monitoring of security measures for the protection of computer networks and information. This individual will also be responsible for monitoring and analysis of network security hardware and software, developing and enforcing network security policies and complying with requirements of external security audits and recommendations (e.g., PCI). The Information Security Analyst is responsible for supervising the implementation and upgrade of systems.

Duties and Responsiblities:

  • Defines and maintains overall computer network security strategies (Best Practices/Common Practices) with Servers/Desktops/Laptops/Mobile Devices. Communicates security policies and strategies to people of varying technical ability.
  • Monitors operation of perimeter security systems such as firewalls, routers, proxy, intrusion detection systems, and VPNs.
  • Monitors operation of End Point security systems such as anti-virus, patch management, and disk encryption.
  • Monitors operation of Log Management (SIEM) systems. Examines a variety of data sources to correlate events and determine courses of action.
  • Performs risk assessments and executes tests to ensure functioning and effectiveness of security measures
  • Internal/perimeter network scans
  • Creates and publishes daily/weekly/monthly/quarterly/annual scorecards
  • Follows up on noncompliant items discovered during scans. Works with other internal teams and departments to ensure their systems are in compliance.
  • Coordinates with other Information Systems teams and various internal departments on computer network security responsibilities (e.g., Technical Support, Retail Team, and Finance).
  • Creates general user awareness notifications and trains users and promote security awareness to ensure system security.
  • Develops and maintains documentation relating to information security, including but not limited to: security hardening guidelines, information system policies and procedures, PCI compliance documentation, incident response guidelines, and new employee security training.
  • Serves as Information Systems’ central point of contact for all audits.
  • Monitors security systems, including firewalls, proxies, IDS/IPS, AV, and other systems that generate security data for anomalies or indicators of intrusion.
  • Manages the incident response process when network anomalies are discovered and drives the incident process to completion.
  • Manages relationships and coordinates operational activities between RaceTrac and external security services providers (e.g., MSSPs, Pen Testers, etc).
  • Communicates with vendors regarding the evaluation of new technologies, develops functional testing plans, and makes recommendation on future technology purchases. Coordinates with other RaceTrac teams on evaluation of this technology.

Job Requirements

  • Bachelor’s degree from an accredited college or university; a degree in Computer Science, Information Technology, Security or related field preferred
  • 5+ years experience in related field preferred
  • Project management skills preferred
  • CISSP or other industry-accepted certification (CISA, CISM) strongly desired
  • Knowledge of networking, firewall, and VPN systems
  • Knowledge of file integrity monitoring software and network scanning software
  • Knowledge of anti-virus systems
  • Knowledge of log management/SIEM systems
  • Technical certifications a plus

CB Pull

Job Snapshot

Employment Type Full-Time
Job Type Professional Services, Information Technology
Education 4 Year Degree
Experience At least 5 year(s)
Manages Others Not Specified
Industry Other Great Industries
Required Travel Not Specified
Job ID 53506490068
CareerBuilder Tip:
For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using you are agreeing to comply with and be subject to the Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.

Information Security Analyst

Enter notes about this job: