Listing Description
This Security Analyst position will be a member of the Cybersecurity Infrastructure - Platform Security team that will support, maintain, and develop tools and projects involving platform security technologies. Additionally, they will work with management and suppliers for product consideration; perform auditing of information system activities; create and maintain documentation related to policies, standards, and procedures; and mentor team members. This will involve working with many groups throughout IT both domestically and internationally.
ROLE
- Performs and/or coordinates regular security assessments of existing or new infrastructure.
- Analyzes network protocols, data flows, architectural diagrams, and/or network traffic flows in conjunction with security zones and/or architectural strategies to ensure secure communication of data.
- Creates and maintains network and system diagrams and other documentation.
- Performs duties necessary to assist in establishing practices and system configurations to ensure the safety of information systems’ assets and to protect information systems from intentional or inadvertent access or destruction.
- Works with information systems custodians (i.e., department managers, user community, and systems administrators) at different levels in the organization to understand their respective security needs and assists with implementing practices and procedures consistent with Costco’s Information Security Policy.
- Assists with auditing of information systems’ activities and systems to confirm information security policy compliance and provides management with security policy compliance assessments.
- Partners with other Information Security groups to conduct security assessments on new solutions and systems, periodic security risk assessments on existing systems, and identifies and/or recommends appropriate security countermeasures and best practices.
REQUIRED
- Minimum of 3 - 5 years’ experience in security in an enterprise environment.
- Experience with platform security technologies, including but not limited to, security orchestration and response, attack surface management, IoT security, and email security.
- Experience with network segmentation and/or security zones for applicable data protection according to data classification.
- Working knowledge of information systems security standards and practices (e.g., access control, system hardening, system auditing, log file monitoring, security policies, and incident handling).
- Demonstrated experience of “hands on” security knowledge of one or more of the following platforms: Windows, Linux, AIX, iSeries.
- Working knowledge of networking protocols, web technologies, and cloud computing.
- Ability to interpret information security data and processes to identify potential compliance issues.
- Ability to quickly understand complicated data flows in order to identify and validate security requirements.
- A team player with the willingness to establish a strong positive working relationship with all areas of the business.
- Ability to clearly communicate Information Security matters to executives, auditors, end users, and engineers using appropriate language, examples, and tone.
Listing Details
- Salary: $125000 - $157000
- Citizenship: Us Citizen
- Incentives: Not Provided
- Education: Bachelors Degree
- Travel: No Travel
- Telework: Partial Telecommute