Skip to Main Content

Security Analyst

TechHub Engineer (as a recruiter) Los Angeles, CA

  • Expired: over a month ago. Applications are no longer accepted.
Job Description

About the Role

As a member of the Information Security team, the Information Security Analyst will report to and work closely with the Sr. Manager, Information Security to manage technical safeguards designed to protect the confidentiality, integrity, and availability of sensitive information and to assess, manage, and remediate security breaches, system vulnerabilities while ensuring compliance with company policies.

The goal of this role is to research, build, analyze, and document repeatable processes and tools that will prevent unauthorized access to sensitive information and proactively monitor various cloud solutions for cyber security incidents.

Additionally, the Information Security Analyst will collaborate with departmental IT staff to apply modern security tools, standards, and methods to networks, operating systems and custom or packaged applications; administers information security systems and tools, conducts technical analysis of problems related to applications and infrastructure; conducts research and evaluation of emerging technologies, tools and methods; recommends solutions to leadership. Provides after-hours support as requested or assigned.

Responsibilities

  • Help develop technical solutions and new security tools to mitigate security vulnerabilities and automate repeatable tasks.
  • Analyze and continuously review output for infrastructure security systems, such as EDR, security events logs, etc.
  • Assist with research and testing of additional security processes and products.
  • Contributes to tool optimization and automation initiatives to streamline analysis and response workflows.
  • Identify, triage, and remediate threats based on threat intelligence as well as active analysis of log data.
  • Investigate and communicate with peers on the risk posed by these threats.
  • Evaluate system, application, and user data for adherence to organizational policies and procedures.
  • Assess newly published vulnerabilities and attacker Tactics, Techniques and Procedures (TTPs) to identify possible defensive measures to locate and stop threat actors.
  • Monitor compliance with the organization’s information security policies, procedures, compliance
  • and refers problems to appropriate department managers or administrators
  • Perform Privacy Impact Analysis reports as part of any project or release that involved employee and/or customer personally identifiable information (PII) in compliance with US and EU Data Privacy Directives
  • Participate in identifying risks in new system acquisition and defining mitigating requirements
  • Perform targeted information security risk assessments as part of any significant change or project
  • Identify and define controls for new systems and processes
  • Serve as an internal IT auditor and cooperate with the internal lead for all external audits (SOX, Annual Financial ITGC audit, PCI, etc.)
  • Support compliance and documentation tasks, processes, procedures and events as needed. Collaborate in writing comprehensive reports, including assessment-based findings, outcomes, and propositions for further system security enhancements.
  • Help configure and troubleshoot security controls (e.g., AWS SGs, FIM, SIEM, etc.)
  • Audit data access activities and document relevant findings
  • Work as an advocate for data privacy, ensuring that there is always a focus on protecting this information

Required Skills

  • Possess information security certifications such as CISSP, CISM, Security+, CEH, SANS, etc.
  • 2+ years in an Information Technology Security role
  • 2+ years demonstrated detailed analysis Information Security role
  • Knowledge of the security requirements for ISO 27001/27002, PCI DSS, and SOX regulations
  • In‐depth knowledge of security concepts such as cyber‐attacks and techniques, threat vectors, incident management, etc.
  • Familiarity with AWS security and products and web-related technologies (strongly desirable.)
  • Experience with Linux and/or Mac
  • Apply critical thinking to all activities and actions, in pursuit of Fashion Nova and Information Security goals.
  • Proficient in Incident Management, Response and preparation of reports, dashboards, and documentation
  • Understanding of security tools and concepts (VM, IAM, SIEM, EDR, etc.)
  • Skilled in vulnerability management and tools such as Qualys.
  • Ability to work independently with minimal direction and supervision in a fast‐paced environment
  • Possess the verbal and written communication skills to work effectively with technical and non-technical personnel at various levels in the organization; ability to use standard English grammar and punctuation.
  • Ability and willingness to provide after-hours support as assigned or requested.

Preferred Skills

  • Experience working with the Cyber Kill Chain Model, MITRE ATT&CK Matrix, and NIST cybersecurity framework.
  • Knowledge of CCPA, GDPR, and HIPAA regulations
  • Broad knowledge of software development lifecycle
Company Description
TechHub Engineer is a full service Value Added Reseller providing Staffing, Products Sales, and Technical Services. We are providing recruiting services for this project

TechHub Engineer (as a recruiter)

Why Work Here?
Techhub Engineer is the leading Global Provider of IT services

TechHub Engineer is a full service Value Added Reseller providing Staffing, Products Sales, and Technical Services. We are providing recruiting services for this project

Address

2801 E. 46th Street Vernon

Los Angeles, CA
USA

Industry

Real Estate

View all jobs at TechHub Engineer (as a recruiter)