Security Analyst-IL-TX-NC-TBD in Northbrook, IL at APEX Systems

Date Posted: 6/14/2019

Job Description

Job #:  980256
Apex Systems, the Nation’s 2nd largest Technical Staffing and Services Firm, has an opening for a Security Analyst role at one of the largest insurance providers in the United States in the following locations: Northbrook, IL, Irving, TX, and Charlotte, NC.

• If you are interested in this role, please email your resume and availability for a phone conversation to Erin Sullivan, a Technical Recruiter by emailing
The Security Assurance Consultant will have extensive client interactions relating to technical security controls with a wide range of technology-based functions, business groups and suppliers. Relevant skills include an intermediate-level understanding of business/technology risk, leveraging the NIST cybersecurity framework and lifecycle (Identify, Protect, Detect, Respond, and Recover), and intermediate-level knowledge of monitoring and reviewing the technology controls that mitigate those risks, leveraging ISO/IEC 27000 series Plan-Do-Check-Act (PDCA) cycles. This resource is expected to act as a trusted advisor who can clearly articulate required security policies, standards, controls and guidelines to both technical and business audiences.
Knowledge and Skills:
• Compliance Assessment & Classification support (Enterprise Standards and Policy).
o Help facilitate assessment reviews of individual business unit and/or supplier compliance with the above, leveraging manual questionnaires and/or the Archer GRC compliance module.
o Assist in identification and reporting of compliance gaps to key stakeholders for remediation actioning.
o Help identify all instances of overlapping questionnaires within siloed compliance program efforts (SOX, PCI, HIPAA, state regulations, etc.).
o Help define a Common Control framework capability in Archer GRC to cross-map a set of controls to the requirements from different regulations and standards. The ultimate objective is that once a control is tested, the test results can contribute to the assessment for multiple regulations and standards without duplicating work.
o Support team members and business processes managing the lifecycle and inventory of critical technology assets (monitoring, enumeration and classification of various regulatory and compliance information assets)

• Compliance program support (PCI, HIPAA, NYDFS, SOX, SEC / GLBA), scope management, along with 1st-level triage of consultative requests (engaging lead consultants as required and when appropriate), and supporting supplier compliance reviews
o Support senior and lead consultants, and provide triage coverage
o Consult with stakeholders and/or suppliers on requirements for new and existing business / technology solutions to assure compliance with applicable regulatory or contractual control requirements (e.g. PCI, HIPAA, state regulations, internal standards and governing policies and procedures)
o Minimum 4 years of IT experience (IT security and/or IT audit preferred)
o Minimum 2 years of project management/administration, consulting, and/or business security analyst experience
o Base understanding of the general concepts of PCI DSS, HIPAA applicable security / privacy controls (aligned to NIST/OCR), the NIST cybersecurity framework, the ISO/IEC 27000 series, and SOX legislation
o Familiarity with Enterprise Asset Management Systems, i.e. ServiceNow / AWARE
o Ability to effectively work with technical and non-technical resources
o Demonstrated experience working as part of cross functional teams, including offsite, remote and offshore resources
o Effective problem solver who is process and detail driven
o Effective communication skills, written and verbal – this role requires interaction across the enterprise and regular interface with people at all organization levels. Ability to tailor communication style to the audience at hand.
o Experience in discerning the protection needs (i.e., security controls) of information systems and networks
o Understanding of IT security best practices
o Relevant postsecondary education and/or industry standard certifications preferred (i.e., CompTIA, Microsoft, EC-Council, ISACA, ISC2, SANS Institute/GIAC, PCIP)
o Ability to effectively manage multiple, competing projects/priorities while achieving targeted completion results
o Self-directed, works with minimal guidance, recognizes when guidance is needed, and can work independently in a semi-structured environment
o Ability to develop/enhance partnerships with stakeholders
o Strong organizational skills, ability to write quality documentation and/or presentations
o Proficient in MS Office Suite (Word, Excel, PowerPoint, OneNote, Project, Access, Visio) and SharePoint
EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at 844-463-6178-6178.