With over 100 offices and nearly 5,000 associates in major metropolitan areas and suburban cities throughout the U.S. CBIZ (NYSE: CBZ) delivers top-level financial and employee business services to organizations of all sizes, as well as individual clients, by providing national-caliber expertise combined with highly personalized service delivered at the local level. CBIZ has been honored to be the recipient of several national recognitions: 2019 America's Best Mid-Size Employers by Forbes, 2019 Best Workplaces in Consulting & Professional Services by Great Place to Work and FORTUNE, 2019 Workplace Excellence Seal of Approval by the Alliance for Workplace Excellence, and one of the Top 101 highest scoring companies in the country for Best and Brightest Companies to Work For in the Nation by the National Association for Business Resources.
Our office in Cleveland, OH is home to the Corporate Headquarters of CBIZ, Inc.With nearly 100 offices and more than 4,600 associates in major metropolitan areas and suburban cities throughout the U.S. CBIZ (NYSE: CBZ) delivers top-level financial and employee business services to organizations of all sizes, as well as individual clients, by providing national-caliber expertise combined with highly personalized service delivered at the local level.
Job Purpose / Objective
The Information Security Analyst will support the protection of our information assets from intentional or unintentional disclosure, modification, destruction, or denial of access through the implementation of appropriate information security policies, standards, guidelines, and procedures. The Analyst's role is to identify and resolve potential security breaches and vulnerability issues in a timely and accurate fashion.
The Information Security Analyst will conduct both network and user activity audits to ensure compliance with policy and standards where required, and determine security needs, developing and implementing solutions, and creating and enforcing security policies are essential tasks for this position. The Analyst plans, develops, coordinates, and assists with the implementation and enhancement of information security measures to provide access to our systems and information in a secure manner.
Essential Functions & Primary Duties
Perform audits, risk assessments, and vulnerability testing (internal, external, application, database, and firewall) to identify potential threats with appropriate remediation strategies.
Identifies potential threats, investigates and responds to reported security violations/incidents, and recommends and implements corrective actions by conducting security audits.
Develop and implement, as required, the necessary monitoring and detection solutions to audit and enforce company policies, controls, and standards.
Assist with administration and operational support of CBIZ unified threat management firewalls.
Manage and support advanced threat detection solution, including planning deployment of appliances in M&A offices, daily monitoring and investigation and working with vendor technical support and customer success teams.
Manage and support security log management solutions and assist staff in troubleshooting and resolving network security issues including root cause and strategies to minimize future events.
Perform incident response investigation and reporting activities in a timely and consistent manner, and assist with potential breach investigation and reporting.
Conduct research on emerging threats and mitigating security products, services, and standards to protect our systems, networks, and data.
Recommend, pilot and deploy additional security products and tools, or enhancements to existing tools, to detect violations of network security measures and malicious activities.
Support the Vulnerability Management program to identify, communicate, and track vulnerabilities and patches for critical systems and devices.
Develop security and privacy policies, awareness materials, presentations, and training sessions to ensure employee awareness of appropriate information security policies and controls.
CISSP or equivalent Information Security certifications are preferred.
Three or more years of Information Security experience including use of security best practices.
Working knowledge of information security frameworks, standards, and general best practices.
Strong understanding of data privacy and protection requirements relating to personally identifiable information and protected health information.
Advanced knowledge of information security and computer network, application, and user access technologies including email security and encryption, multi-factor authentication, end-point security, anti-virus/anti-malware, and security log management.
Strong interpersonal and communication skills.
Associates degree in Computer Science or relevant business experience.
Ability to work independently and with cross-functional teams.
College Degree or equivalent required
3 years related experience
Ability to lead and coordinate the team activities of others
Proficient use of applicable technology
Ability to execute and draft technical instructions and guidelines
Ability to document daily activities and system functions
Able to work in a team environment
Demonstrated ability to communicate verbally and in writing throughout all levels of an organization, both internally and externally
Ability to travel as required by business and on-call availability