Under the direction of the Information Security Manager, act as a subject matter expert and technical leader concerning complex information security technology, topics, and issues. Responsible for technical and specialized duties in security framework, architecture design, risk management, incident management, vulnerability management, and information security programs and technology implementations, with the goal of enhancing the organization’s security posture.
Key Responsibilities
- Provide expertise in defining, evaluating, and recommending/implementing security controls and technologies to protect organizational assets.
- Lead security architecture and technology design, identify gaps, recommend enhancements, and ensure security requirements are integrated and implemented.
- Collaborate with Architecture, Infrastructure, and Technology teams to review existing architectures, identify gaps, and suggest security improvements.
- Assist in defining architectural and technology standards impacting system and data security.
- Develop, validate, maintain, and implement security policies, standards, guidelines, and procedures to ensure compliance with the Information Security Program.
- Conduct detailed risk analyses and assessments to identify, mitigate, and control risks to infrastructure, systems, and data; advocate for security and risk management with stakeholders.
- Oversee third-party evaluations to ensure their technology environments adequately protect shared data, meet security contract requirements, and are regularly audited.
- Monitor current threat trends and conduct future threat analysis to proactively design security measures against evolving threats.
Job Specifications
Typically requires:
- Bachelor’s Degree in Computer Science or related field, or equivalent experience.
- Minimum 8 years of hands-on technical experience in information security.
- Expert knowledge of security principles and technologies.
- Over 5 years of experience designing and implementing diverse security solutions across disciplines.
- Broad experience with risk and threat assessment methodologies.
- Ability to balance business needs with risk concerns and communicate effectively with leadership.
- Extensive experience with compliance standards such as HIPAA, PCI, ISO 27001.
- Proven skills in identifying and analyzing vulnerabilities, performing security testing, and remediating issues.
- Strong communication skills and ability to interpret complex issues and technologies.
- Ability to exercise discretion and independent judgment.
Additional Information
Salary Range: $84,000 - $141,750. Compensation includes potential bonuses and commissions.
VSP Vision is an equal opportunity employer and maintains a drug-free workplace. We do not discriminate based on age, gender, race, religion, or other protected categories. Pre-employment drug testing is required.
Notice to Candidates: Beware of fake job offers.