Information Security Assurance Analyst II (Relocation Opportunity)

Benefitfocus Tampa , FL 33602

Posted 11 months ago

Position is located in Charleston, SC

The Information Security Assurance Analyst is responsible for assisting with the SOC, PCI, HIPAA and other regulatory audits to include but not limited to the creation of audit plans, auditing security controls, policies and procedures and analysis of data in order to ensure regulatory compliance.

Job Duties:

  • Organizes compliance program by creating reports and metrics from Data Loss Prevention tools, maintaining technical policies and rules (including Regular Expressions), and working with other teams to communicate changes made.

  • Supporting assurance functions of the organization by using various compliance tools.

  • Attains compliance by isolating and resolving non-compliance issues; recommending remediation to technical issues.

  • Development of APIs to integrate compliance tools with other data sources (e.g. HR systems, Cybersecurity tools).

  • Ability to write solution workflow diagrams, system documentation, playbooks, etc.

  • Prepares compliance reports by collecting, analyzing, and summarizing measurement data and trends.

  • Updates job knowledge by tracking and understanding emerging compliance engineering practices and standards; participating in educational opportunities and professional organizations; reading professional publications; maintaining personal networks.

  • Enhances engineering and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.

  • Prior experience auditing and performing quality control actions of audits.

Required Minimum Qualifications:

  • Bachelor's Degree in related field and 3+ years of experience in Information & Network Security or IT Compliance.

  • Strong technical, analytical, interpersonal, communication and writing skills Strong verbal and written communication skills with ability to work in a team setting

  • Good understanding of fundamental security and network concepts (operating systems, databases, intrusion/detection, TCP/IP, ports, etc.)

Preferred Qualifications:

  • Information Technology experience in the Healthcare or SaaS Industry

  • Experience with GRC tools for information gathering and reporting

  • Knowledge of government and/or industry regulatory requirements (SOC, HITRUST, PCI, SOX, HIPAA, etc.)

  • Knowledge/understanding of security standards (e.g. NIST, STIG, etc.)

  • One or more of the following Certifications: CISSP, CRISC, CISA, CCNP, CISM

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Principal / Senior Principal Cyber Info Assurance Analyst

Northrop Grumman

Posted 5 days ago

VIEW JOBS 2/20/2020 12:00:00 AM 2020-05-20T00:00 Northrop Grumman Mission Systems is actively seeking an experienced Cyber Info Assurance Analyst to fill a role that requires a broad array of knowledge and skills working with team members to support a Cyber Security program based in Tampa, FL. We're looking for a highly motivated individual with an impeccable work ethic and a strong ability to work in a collaborative fast-moving dynamic team environment. The primary team is located in Tampa, Florida with distributed team members embedded directly with the customer. In this position you will: * Experience with implementation of Risk Management Framework (RMF) within the Intelligence Community (IC). * Perform assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments. * Establish strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits. * Assist in the implementation of the required government policy, make recommendations on process tailoring, participate in and document process activities. * Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards. * Document the results of Certification and Accreditation activities and technical or coordination activity and prepare the System Security Plans and update the Plan of Actions and Milestones POA&M. * Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed. Individual must have a solid understanding of the Department of Defense accreditation process and be able to operate in those environments. Basic Qualifications for Principal level: * US Citizenship is required with an active DoD Top Secret/SCI security clearance which was active in the last 24 months * Must possess or be able to obtain DoD 8570 Certification for IAT Level II or higher within two (2) months of starting * 5 Years with Bachelors in Science; 3 Years with Masters; 0 with PhD / NOTE: Four (4) years of additional experience can be substituted in lieu of degree Basic Qualifications for Sr. Principal level: * US Citizenship is required with an active DoD Top Secret/SCI security clearance which was active in the last 24 months * Must possess or be able to obtain DoD 8570 Certification for IAT Level II or higher within two (2) months of starting * 9 Years with Bachelors in Science; 7 Years with Masters; 4 with PhD / NOTE: Four (4) years of additional experience can be substituted in lieu of degree Preferred Qualifications for both Leveling: * DoD 8570 Certification for IAT Level III * Functional experience working with military service-level Security Accreditation Authorities (SCA) and Designated Approval Authorities * Vulnerability assessment experience * Recent military experience or familiarity with DOD * Experience with Assured Compliance Assessment Solution (ACAS), Host * Based Security System (HBSS), SolarWinds Log & Event manager (LEM), Splunk, and other enterprise security defense, forensic, and SIEM tools * Experience with network security controls such as routers, switches, firewalls, intrusion management solutions, network access control, and related solutions * Working knowledge of Linux and Windows operating systems and applications * Strong troubleshooting skills * Demonstrated success working individually or as part of a team requiring little supervision * When required, have the ability to work outside of normal working hours and weekends as needed to support the customer's needs * Strong verbal and written communication skills * Must be able to work in a fast-paced environment Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit U.S. Citizenship is required for most positions. Northrop Grumman Tampa FL

Information Security Assurance Analyst II (Relocation Opportunity)