Paranoids Sr. Security Analyst

  • Dulles, VA
  • Full-time

Company Description

Oath, a subsidiary of Verizon, is a values-led company committed to building brands people love. We are a leader in digital and mobile media with a global house of 50+ brands. Oath is shaping the digital future.

Job Description

The Senior Technical Security Analyst position is within Oath’s IT Security group. Our mission is to “Protect Brands People Love.” We partner with technology and business owners to deliver proactive information security solutions and services that protect Oath’s information assets, computing infrastructure, applications and data. The Sr. Technical Security Analyst will support the Governance, Risk Management and Compliance program within IT Security at Oath. Primary responsibilities are to perform technical and non-technical risk assessments on AOL systems to determine and communicate the level of existing and residual risk to business areas.

The ideal candidate will be a self-starter with a voracious appetite for learning and have an analytical mind that constantly looks for elegant and secure solutions to difficult problems. The candidate must be proficient and experienced in conducting risk assessments in a complex environment. The candidate must have the ability to convey complicated technology and security concepts to management and non-technical business areas. The candidate should have technical knowledge and/or experience in security, networking, systems administration, database administration, architecture and/or other technical domains. The candidate must have a desire to work vast and complex environment where encountering and learning new information is a part of the daily routine. Candidates looking for a traditional compliance environment with “checkbox”compliance requirements, need not apply.

Qualifications

Responsibilities:

  • Work within the GRC team to perform in-depth technical risk assessments of Oath systems to determine risk level and mitigation strategies.

  • Work with the team to continuously improve the technology risk process and procedures

  • Communicate potential weaknesses and associated risks identified by the risk assessment and compliance process.

  • Develop action plans and/or recommend alternative solutions to resolve risks and exceptions.

  • Provide oversight to ensure tracking of remediation plans for timely closure of risk issues.

  • Provide security consulting and advisory services to business units and project teams.

  • Research and maintain a knowledge base regarding information security risks, issues, solutions and potential implications for Oath.

  • Provide Security requirements for development teams as needed prior to application deployment.

  • Review vendor contracts for compliance with Oath Security Policies and Standards and perform vendor risk assessments.

Required Qualifications

  • Bachelor’s degree or equivalent work experience and a proven track record in the field of information security and/or risk management.

  • 5 or more years of hands-on technology, risk, security and/or governance experience.

  • Must have in-depth knowledge of common information security topics, policies and standards.

  • Excellent verbal and written communication skills with the ability to understand business requirements.

  • Must be able to develop risk management strategies that align with business goals and objectives and protect the confidentiality, integrity and availability of information systems and data.

  • Project management experience on information security processes and within software development life cycles is desired.

  • Familiarity with measures and metrics used in risk assessment methods and/or vulnerability assessment processes.

  • One or more of the following certifications: CISSP, CISA, CISM, CRISC

  • Thorough technical knowledge of the following areas: IT Audits, IT Governance, Risk and Compliance, Information Security and/or Technical Privacy.

  • Solid organizational skills and strong customer service skills.

Desired Qualifications

Certification or hands on experience in one of the following areas:

  • Amazon Web Services (AWS) security or compliance knowledge

  • Knowledge of (or desire to learn) Application Security (OWASP) risks

  • Knowledge of (or desire to learn) Network Security

  • Desire to work in Security Awareness

Additional Information

EEO/AA Women, Minorities, Veterans, Individuals with Disabilities Employer: Oath offers a competitive salary and benefits package, including 401(k) match and performance bonus. All qualified applicants will receive consideration for employment without regard to, and will not be discriminated against based on, race, gender, color, religion, national origin, sexual orientation, gender identity, veteran status, disability or other protected category.