Icon hamburger
Briefcase

Create Job Alert.

Enter your email below to save this search and receive job recommendations for similar positions.
Thank you. We'll send jobs matching these to
No Thanks
US
What job do you want?

Create Job Alert.

Get similar jobs sent to your email

Apply to this job.
Think you're the perfect candidate?
Apply on company site

You’re being taken to an external site to apply.

Create an account to get recommended jobs that match your resume and apply to multiple jobs in seconds!
On the next page, you'll build a resume in 3 steps thanks to our AI technology
8-15 characters
Contains Number
Contains Lowercase
Contains Uppercase
Contains Special Character
Thumsup

You’re being taken to an external site to apply.

Enter your email below to receive job recommendations for similar positions.
Sr. Information Security Analyst at UPS

Sr. Information Security Analyst

UPS Mahwah, NJ Full-Time
Apply on company site

Create Job Alert.

Get similar jobs sent to your email

Sr. Information Security Analyst

We’re the obstacle overcomers, the problem get-arounders. From figuring it out to getting it done… our innovative culture demands “yes and how!” We are UPS.  We are the United Problem Solvers.

About Information Security at UPS Technology:
Our top-notch Information Security team quickly finds and responds to real time threats. These critical-thinkers have a hunger to keep ahead of new exploits and security trends.  As a part of UPS InfoSec, you’ll continue to uphold our reputation for integrity in this growing and ever-changing field.

About this role:

The Sr. InfoSec Risk Analyst will assist in supporting UPSs’ Risk Management program.  They will conduct information security assessments and/or compliance reviews on internal UPS systems and third party vendors.  The Sr. Analyst will prepare and initiate assessments/audits facilitated by electronic survey's and questionnaire assessments, interviews and security control reviews. He/She will provide support for internal and external security assessments, including gathering and discussing evidence, and tracking remediation responses and activities. The Sr. Analyst is expected to perform the following key tasks:

  • Identifies key points of contact, establish communication channel
  • Collaborates with functional teams on cyber risks and company information security initiatives
  • Initiates security assessment/audit overview meetings and schedule Q&A sessions
  • Performs security risk assessments and provides information security awareness
  • Conducts internal security and confidential information investigations and information usage security audits
  • Leads and supports enterprise wide information security and cyber risk assessments with technical and non-technical teams
  • Manages assessment/audit time line for questionnaire, interview, evidence verification, and report preparation
  • Proactively identifies and develops recommendations to information security and cyber risk issues and vulnerabilities by working with multiple teams including privacy, compliance, internal audit, legal, HR, information technology, etc.
  • Contributes to the development of the information security requirements of vendor and customer security control requirements to ensure UPS's information assets are protected, and follow UPS policies, standards and compliance obligations
  • Ensures all Information Security controls meet company standards for confidentiality, integrity, availability and defense in depth security principles
  • Provides security control remediation responses where Information Security controls are found to be deficient or non-compliant
  • Responds to UPS customer inquiries and audits of UPS's security program
  • Reviews and negotiates InfoSec contractual terms in vendor/customer contracts
  • Develops and maintains relevant security risk metrics to promote transparency across the organization
  • Measures, monitors and reports on information security risks to Sr. Management
  • Performs other duties as assigned

Qualifications:

  • Experience gathering information from a range of different sources, developing and creating search queries
  • Experience in using InfoSec assessment/audit tools and/or controls questionnaires based industry standard frameworks (i.e. NIST; ISO; Cobit; CSA)
  • Experience with regulatory requirements (i.e. PCI; GDPR; HIPPA; Privacy; NYDFS; etc)
  • Experience using GRC tools and technologies in support of the assessment/audit process
  • Advanced Experience with Auditing Controls, I.T. Auditing fundamentals, Cybersecurity Analysis and  documentation
  • Demonstrated experience across information security and cyber risk domains required
  • Candidate must have excellent organization skills and be a self-motivated learner, Effective Communication skills
  • CISA, CRISC, CISM, or CISSP certifications

Preferred Qualifications:

  • Bachelor's degree in Information Technology, Information Security, Computer Science, Auditing or related discipline

This position offers an exceptional opportunity to work for a Fortune 50 industry leader. If you are selected, you will join our dynamic technology team in making a difference to our business and customers. Do you think you have what it takes? Prove it! At UPS, ambition knows no time zone.


UPS is an equal opportunity employer. UPS does not discriminate on the basis of race/color/religion/sex/national origin/veteran/disability/age/sexual orientation/gender identity or any other characteristic protected by law
 

Recommended skills

Auditing
Risk Analysis
Certified Information Systems Security Professional
Certified In Risk And Information Systems Control
Certified Information Security Manager
Investigation
Apply to this job.
Think you're the perfect candidate?
Apply on company site

Help us improve CareerBuilder by providing feedback about this job: Report this job

Report this Job

Once a job has been reported, we will investigate it further. If you require a response, submit your question or concern to our Trust and Site Security Team

Job ID: 16742893

CAREERBUILDER TIP

For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.