Information Security Analyst

The Information Security Analyst plays a leading role in driving information security analysis and vulnerability remediation. This role is a key business enabler to provide information security risk analysis and strategic recommendations for the ongoing improvement of Information Security. The Information Security Analyst will work with IT and other departments to promote secure practices and improve information security processes and policies. The position will be responsible for identifying vulnerabilities in a system and can implement security controls to eradicate and/or mitigate the exploit. The positions require effective verbal and written communication skills to provide good customer service. The position is located in San Jose, CA.

• 
  

  Analyzes and vets vulnerabilities then validate vulnerabilities are remediated

  
  


• 
  

  Schedules and performs regular vulnerability scanning activities in the corporate network

  
  


• 
  

  Reviews security vulnerabilities to identify risks to computing assets

  
  


• 
  

  Provides technical vulnerability analysis and remediation options

  
  


• 
  

  Reduces vulnerability by improving remediation and patch management process

  
  


• 
  

  Leads discussions with internal stakeholders to ensure remediation efforts adhere to Company standards

  
  


• 
  

  Familiarity with Qualys and Nessus vulnerability scanner

  
  


• 
  

  Familiarity of Network and Web Application Penetration testing

  
  


• 
  

  Ability to report and present findings to a non-technical audience

  
  


• 
  

  Assists with IT Operations request as necessary

  
  


• 
  

  Performs other similar duties as assigned

  
  


• 
  

  Bachelor's degree in Computer Science, Information Systems and/or 1-3 years experience in an information security role

  
  


• 
  

  Certified Information Systems Security Professional (CISSP), Certified Internal Systems Auditor (CISA), Certified Ethical Hacker (CEH) or other security certification desired

  
  


• 
  

  Must have excellent written and verbal communication skills

  
  


• 
  

  Provide excellent customer service

  
  


• 
  

  Detail oriented

  
  


• 
  

  Ability to exploit recognized vulnerabilities

  
  


• 
  

  Good problem solving and troubleshooting skills with experience exercising mature judgement

  
  


• 
  

  Excellent teamwork and interpersonal skills

  
  


• 
  

  Demonstrated ability to learn new skill such as penetration test validation and security patching

  
  


• 
  

  Exhibit good organizational skills to analyze, develop, and deliver detailed reports meeting tight schedules

  
  


• 
  

  Valid California Driver License

  
  


• 
  

  Upon hire, must provide proof of COVID-19 vaccination status

  
  


• 
  

  Knowledge and ability to evaluate, assess, and implement IT risk mitigation processes and procedures

  
  


• 
  

  Knowledge of network security controls and vulnerability management

  
  


• 
  

  Working knowledge of information security standards, rules, and regulations including International Organization for Standards (ISO) 27001, 27002, National Institute of Standards and Technology (NIST), and Defense Federal Acquisition Regulation Supplement (DFARS)

  
  


• 
  

  Demonstrated knowledge of network, server, mobile devices, application, and database security principles for risk identification and analysis

  
  


• 
  

  Demonstrated knowledge and ability to work effectively with auditors, customers, consultants, employees, and vendors

  
  


• 
  

  Demonstrated analytical and problem solving skills

  
  


• 
  

  Demonstrated time management and organizational skills

  
  


• 
  

  Flexible and able to prioritize work