Job Requirements

advertisement
Keane
*Position Title:
*Position Type:
*Compensation:
*Start Date:
*Location:
Junior Information Security Analyst
Full-Time
Salaried
ASAP
King of Prussia, PA
*Job Description
The Junior Information Security Analyst reports to the Corporate Information Security
Manager and is responsible for conducting internal IT, information security and operational
assessments of various systems, applications and business processes to verify compliance
with prescribed policies and procedures and identify risks. The Junior Information Security
Analyst assists with recurring security and compliance monitoring tasks, including access
reviews, log reviews, vulnerability scans and penetration tests, client-issued information
security assessments, vendor management assessments, and tracking of remediation
items. Additionally, the Junior Information Security Analyst prepares and presents audit
reports and recommendations to improve and promote effective internal controls and
operational efficiency, and provides council and advice to management regarding audit
findings, recommendations and appropriate corrective measures.
*Job Requirements
* Skills &
Qualifications:
The ideal candidate has experience in an IT or information security audit capacity and must
possess strong attention to detail, be self-motivated, and have solid written and oral
communication skills.
Duties: Include, but are not limited to the following:
 Perform recurring security and compliance monitoring tasks, including but not
limited to: access reviews, log reviews, vulnerability scans and penetration tests.
 Plan and conduct internal audits to assess IT and security controls, operational
efficiencies, and compliance with selected policies and procedures. Report audit
findings and make recommendations to key stakeholders to communicate results
and effect change when necessary.
 Assist in the development, deployment, annual review and communication of
company policies, procedures and standards.
 Assist in completing client-issued information security assessments and tracking
remediation items.
 Conduct vendor management assessments, present results to senior management,
and track remediation items.
 Assist in coordinating the annual SSAE 16 audit process.
 Assist in annual business continuity and disaster recovery activities, including risk
assessment, business impact analysis, business continuity plan, and business
continuity testing.
 Participate in a team environment and build strong working relationships.
 Keep abreast of current and emerging technologies and recommend changes to
audit programs and monitoring tasks as necessary.
Qualifications:
 1-4 years of work experience in an internal or third-party IT or information security
audit capacity.
 Ability to effectively communicate with HR, IT, business managers, senior
management, and executives.
 Candidate will understand the role of security controls, audit controls and risk
treatment plans, and will have a general understanding of privacy and information
security laws, regulations and standards: GLBA, SOX, HIPAA, FISMA, CA and MA
state laws, etc.
 Knowledge of industry security standards and frameworks, including: ISO 27001/2,
COBIT, NIST, etc.
 Knowledge of risk management concepts, tools, and techniques.
ISACA Philadelphia is not responsible for the content or accuracy of this job posting.
Template Version 1.1: 02/21/07
Page 1 of 2

Education:
Certification(s):
Travel:
Knowledge of system hardening practices and audit techniques for assessing the
security of common operation systems, databases and business applications.
 Knowledge of network and Internet security devices, protocols, and techniques.
 Demonstrated project management skills.
 Strong analytical skills to analyze IT and business processes and identify risk.
 Proficiency in Microsoft Office applications.
 Strong work ethic, excellent verbal and written communication skills.
 Self-starter, self-motivated, pro-active and able to handle concurrent activities.
 Excellent interpersonal skills and a positive attitude.
Bachelor’s Degree in Information Security, Computer Science, MIS or related field.
Required: None
Desired: CISA, CISSP, etc.
None
*Contact Information
Job Reference:
*Contact Name:
Email Address:
Telephone:
Fax:
Website:
Company
Information:
Special
Instructions:
N/A
Nicole Griet – Human Resources
ngriet@keaneup.com
610-232-0700
http://www.keaneup.com
Keane has been providing services to address the complexities of unclaimed property for
more than 65 years. Keane provides a comprehensive array of business services to help
companies achieve compliance with state unclaimed property laws and regulations, while
identifying and mitigating the risks associated with non-compliance.
Please submit all applications through Nicole.
ISACA Philadelphia is not responsible for the content or accuracy of this job posting.
Template Version 1.1: 02/21/07
Page 2 of 2
Download