JOB SUMMARY: The Senior Information Security Analyst is responsible for conducting vulnerability assessments on application and technology architectures; performing vulnerability scanning and reporting; assisting internal, operational support and product development teams in remediation planning; solution design and information security policies development and maintenance; coordinating investigation and reporting of security incidents; monitoring IDS and IPS on 24x7 basis; compliance with company security policy, contractual requirements and applicable laws. This position encompasses operational assignments. This will require practical use and understanding of security protocols and standards, and solid knowledge of information security principles and practices.
• Assess information security risks of legacy and new applications using risk assessment methodologies based on provided architecture. This will require practical use and understanding of advanced security protocols and standards, and solid knowledge of information security principles and practices
• Schedule and perform vulnerability scans; compile findings reports
• Conduct vulnerability assessments and remediation action planning
• Coordinate cross-functional team meetings to remediate previously identified security vulnerabilities and close out pending action plans
• Intrusion detection and prevention system monitoring, analyzing threat vectors from various tools, e.g. SIEM, etc.
• Security incident response and investigation,
• Support SSAE 16 and other audits
• Policy development and maintenance according to generally accepted industry standards
• Assist in responding to RFP and RFI as necessary
EDUCATION & EXPERIENCE:
• At least 8 years of experience in the Information Security domain[s] and 10+ years overall technology experience
• BS or MS degree in Computer Science
• CISSP, Security+
• Experience in IT regulation and compliance standards, such as SSAE-16, ISO 27001/27002, NIST, HIPAA and others
• Practical use and implementation of solid knowledge of information security principles and practices; Understanding of IT methodologies, such as network, software development lifecycle and operations
• Strong analytical and problem solving skills and the ability to "think-out-of-the-box"
PREFERRED SKILLS & KNOWLEDGE:
• Knowledge of Security Practices for Cloud Computing Environments: (SaaS, PaaS, IaaS)
Equal Opportunity Employer: Infor does not discriminate in employment opportunities or practices on the basis of race, color, creed, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, marital status, age, veteran status, protected veterans, military service obligation, citizenship status, individuals with disabilities, or any other characteristic protected by law applicable to the state in which you work.
In compliance with the OADA, should you have a disability and would like to request an accommodation in order to apply for a currently open position with Infor, please call (678) 319-8000 or email us at ADAAA@infor.com.