Jobs
>
Bryn Mawr Place

    Security Analyst II - Bryn Mawr, United States - Aqua America

    Aqua America
    Aqua America Bryn Mawr, United States

    2 weeks ago

    Default job background
    Description

    Reference #:
    R3738 delivers safe, clean, reliable services that improve quality of life for individuals, families, and entire communities.


    Operating as the (water and wastewater services) and the and (natural gas) brands, Essential serves approximately 5.5 million people across 10 states.

    We are committed to sustainable growth, operational excellence, a superior customer experience, and premier employer status - including a competitive and comprehensive benefits package as well as a commitment to career growth opportunities.


    We are advocates for the communities we serve and are dedicated stewards of natural lands, protecting more than 7,600 acres of forests and other habitats throughout our footprint.


    Our company is one of the most significant publicly traded water, wastewater service and natural gas providers in the U.S.

    Job Description

    **This is a hybrid position that can be based in our Pittsburgh or Bryn Mawr PA office. The primary responsibilities of the Security Analyst II are to ensure the security and integrity of the organization's information systems, with a specific focus on risk & vulnerability management as well as security compliance. The Security Analyst will frequently engage with both technical teams and business process owners to analyze risk, communicate risk posture, and develop effective remediation strategies. Ready to take your career to the next level? Let's talk

    Essential Duties:

    Manage execution of both enterprise-wide and focused risk, threat, and vulnerability assessments, including but not limited to Security Awareness, Vulnerability, Configuration, and Third-Party Assessments.

    Analyze and prioritize risk, vulnerability, and compliance findings to define remediation priorities considering all available data sources; partnering with technology and business stakeholders to socialize and implement remediation plans.


    Define and manage qualitative and quantitative metrics and reporting to measure the success of vulnerability, third party, security awareness, security awareness, configuration, and asset management remediations.

    Ability to lead ongoing vulnerability management processes, including working with IT and business stakeholders to prepare vulnerability remediation plans, track progress, and reduce overall vulnerability exposures.

    Participate in development, implementation and operation of control/compliance frameworks and security best practices based on ISO 27001/27002, NIST , Cyber Security Framework/CSF), COBIT, Critical Security Controls, CIS Configuration Benchmarks. Monitor compliance with security configuration standards for servers, endpoints, software, and networking platforms based on CIS Benchmarks.

    Work closely with IT, development, and operations teams to ensure the integration of security practices into the software development lifecycle (SDLC) and IT operations.

    Lead or assist with vendor and 3rd party risk assessments. Create/maintain documentation of security solutions, services, configurations, and processes.

    Work closely with engineers focused on intrusion detection, incident response and security operations to manage risk related to existing and emerging threats.

    Collaborate with other security engineers to analyze, process, integrate, communicate, and respond to threat intelligence.

    Ability to participate in or lead development, improvements and updates to continually improve security controls, policies, guidelines, processes and procedures.

    Develop and deliver security awareness training programs for employees to enhance their understanding of security best practice to ensure that security and risk management continue to be integrated into the corporate culture.

    Lead development and operation of the security awareness program to ensure that security and risk management continue to be integrated into the corporate culture.

    Implement and maintain controls for compliance and privacy. Act as liaison to internal and external audi teams as needed. Provide escalation support for the Information Technology Help Desk as required. Ability to work off hours maintenance windows and participate in rotating on call shift periodically. Ability to work alone or function effectively as part of a team. All other duties as assigned by management.


    MINIMUM QUALIFICATIONS:
    Bachelors in Information Technology, Computer Science, Cyber Security, Security and Risk Analysis, Information Assurance. 3-5 years of previous experience Candidates must have a minimum of one of the following certifications or will be required to obtain within the first 12 months: CISSP, GIAC (GSEC, GSNA), CRISC, CISA, CISM, CCSP, SSCP, CAP, CSSLP, CSX Practitioner


    KNOWLEDGE, SKILLS, AND ABILITIES:
    Experience working with assessment tools such as Qualys Policy Compliance and CIS-CAT.

    Experience developing and using Qualys, or other vulnerability management, platforms with experience in multiple modules and/or areas:
    Vulnerability Management, Policy Compliance, Continuous Monitoring, Policy Compliance, Web Application Scanning and Asset Management.

    Experience leading security awareness program development including:
    Leading regular phishing assessment campaigns.

    Creating innovative security awareness campaigns using solution provider and custom-developed tools/trainings designed to be flexible and adaptable across a diverse employee population (executives, engineering, marketing and communications, finance, customer service, etc.).

    Participate in aligning the security awareness program with the enterprise's greatest risks and measure the impact in risk reduction from security awareness efforts.

    GRC platform experience, with RSA Archer knowledge a strong positive.

    Strong written and verbal communication skills are required as this position will be responsible for working directly with technical teams and business stakeholders.

    Demonstrates strong organizational skills and the ability to multi-task, prioritize workload and delegate responsibilities. Strong analytical skills for assessing and prioritizing security risks. Ability to promote a security-conscious culture within the organization. Ability to adapt to evolving threats, technologies, and organizational needs. Ability to understand and integrate security into project and application lifecycles for enterprise IT systems.

    Minimum of 3 to 5 years experience in Information Technology focusing on information security auditing, risk analysis and vulnerability management.

    General knowledge of the following technologies from a security perspective:
    Active Directory, database platforms, web server platforms, Middleware, PKI, cloud computing, Office 365 and Azure. Experience using statistical, quantitative, and qualitative analysis techniques. Proactive approach to staying informed on the latest security threats, vulnerabilities, and industry best practices.

    Essential Utilities, Inc., is an Equal Opportunity/Affirmative Action employer.

    Equal employment opportunity is provided to all employees and applicants for employment without regard to the following legally protected characteristics:

    race, color, religion, sex, national origin, age, pregnancy (including childbirth and related medical conditions, including medical conditions related to lactation), physical or mental disability, covered-veteran status, genetic information (including testing and characteristics), sexual orientation, gender identity or expression or any other characteristic protected by applicable local, state or federal law.

    Essential Utilities is committed to providing reasonable accommodation to individ
  • FXI Inc

    Cyber Security Analyst

    5 days ago

    FXI Inc Radnor, United States

    Overview: · **Responsibilities**: · - Performs and actively monitors cybersecurity risk assessments including compliance with existing standards, policies, and risk appetite. · - Performs risk reviews and assessments of organizational security controls (policies, processes, confi ...

  • eNGINE

    Security Analyst

    3 weeks ago

    eNGINE Bryn Mawr, United States

    eNGINE builds Technical Teams. We are a Solutions and Placement firm shaped by decades of interaction with Technical professionals. Our inspiration is continuous learning and engagement with the markets we serve, the talent we represent, and the teams we build. Our Consulting Wor ...

  • Campbell Soup Company

    Lead Security Analyst

    1 week ago

    Campbell Soup Company Camden, United States

    Since 1869 we've connected people through food they love. Our history was created by remarkable people, ideas, and innovations. It serves as inspiration and foundation for our future success. · We're proud to be stewards of amazing brands that people trust. Our portfolio includes ...

  • Aqua America

    Security Analyst II

    4 days ago

    Aqua America Bryn Mawr, United States

    Reference #: R3738 Essential Utilities, Inc. delivers safe, clean, reliable services that improve quality of life for individuals, families, and entire communities. · Operating as the Aqua (water and wastewater services) and the Peoples and Delta (natural gas) brands, Essential s ...

  • Citadel Federal Credit Union

    Corporate Fraud and Security Analyst

    1 week ago

    Citadel Federal Credit Union Exton, United States

    **Position Overview** · **Responsibilities** · - Effectively review the credit union's fraud identification and mitigation procedures, with particular focus on minimizing the impact of fraudulent transactions and loss trends. This includes, but is not limited to monitoring new ac ...

  • Medical Guardian

    Security Analyst

    3 weeks ago

    Medical Guardian Philadelphia, United States

    Medical Guardian is seeking a highly energized Security Analyst (Hybrid role) who will be responsible for monitoring and assessing systems for vulnerabilities, working with teams for incident response, ensuring security policy, process and procedural documentation are up to date, ...

  • Drexel University

    IT Security Analyst

    2 weeks ago

    Drexel University Philadelphia, United States

    IT Security Analyst Job no: Work type: Full-Time Location: Hybrid/Flexible Work Arrangement Categories: Finance and Administration, Drexel University · Job Summary Under administrative supervision, the IT Security Analyst is responsible for assuring technical compliance with PCI. ...

  • Medical Guardian

    Security Analyst

    2 weeks ago

    Medical Guardian Philadelphia, United States

    Medical Guardian is seeking a highly energized Security Analyst (Hybrid role) who will be responsible for monitoring and assessing systems for vulnerabilities, working with teams for incident response, ensuring security policy, process and procedural documentation are up to date, ...

  • Medical Guardian

    Security Analyst

    2 weeks ago

    Medical Guardian Philadelphia, United States

    Medical Guardian is seeking a highly energized Security Analyst (Hybrid role) who will be responsible for monitoring and assessing systems for vulnerabilities, working with teams for incident response, ensuring security policy, process and procedural documentation are up to date, ...

  • Medical Guardian

    Security Analyst

    2 days ago

    Medical Guardian Philadelphia, Pennsylvania, United States Permanent

    Medical Guardian is seeking a highly energized Security Analyst (Hybrid role) who will be responsible for monitoring and assessing systems for vulnerabilities, working with teams for incident response, ensuring security policy, process and procedural documentation are up to date, ...

  • Medical Guardian

    Security Analyst

    2 weeks ago

    Medical Guardian Philadelphia, United States

    Job Description · Job DescriptionMedical Guardian is seeking a highly energized Security Analyst (Hybrid role) who will be responsible for monitoring and assessing systems for vulnerabilities, working with teams for incident response, ensuring security policy, process and procedu ...

  • Medical Guardian

    Security Analyst

    3 weeks ago

    Medical Guardian Philadelphia, United States

    Job Description · Job DescriptionMedical Guardian is seeking a highly energized Security Analyst (Hybrid role) who will be responsible for monitoring and assessing systems for vulnerabilities, working with teams for incident response, ensuring security policy, process and procedu ...

  • Regulatory DataCorp, Inc.

    Security Analyst

    2 weeks ago

    Regulatory DataCorp, Inc. King of Prussia, United States

    Security Analyst · RDC, The Diligence Technology Company, is the world's leading Anti-Money Laundering, Know Your Customer, Anti-Bribery & Corruption solutions provider. RDC integrates the industry's largest financial crime diligence database into an agile SaaS technology platf ...

  • Motion Recruitment Partners, LLC

    Sr. Security analyst

    1 week ago

    Motion Recruitment Partners, LLC Philadelphia, United States

    Job Description This company with a goal of providing high-quality products to enhance fishing experiences of anglers world wide is currently looking for a Sr. Security Analyst to join their IT/Infrastructure team. They specialize in fishing gear, tackle and accessories. They hav ...

  • Motion Recruitment Partners, LLC

    Senior Security Analyst

    1 week ago

    Motion Recruitment Partners, LLC Philadelphia, United States

    This global manufacturing company is looking for a Senior Security Analyst to join their small but strong and growing team. This person will be a big fish in a small pond - mainly responsible for network security and information security, making a direct contribution to the secur ...

  • Motion Recruitment

    Senior Security Analyst

    3 weeks ago

    Motion Recruitment Philadelphia, United States

    This global manufacturing company is looking for a Senior Security Analyst to join their small but strong and growing team. This person will be a big fish in a small pond - mainly responsible for network security and information security, making a direct contribution to the secur ...

  • Motion Recruitment

    Security Analyst I

    4 days ago

    Motion Recruitment Philadelphia, United States

    Looking for a super hands-on security analyst position? A local law firm is on the hunt for a security analyst to help support their SecOps team. You will be working with SIEM, DLP and EDR. This role is 2 days on site in Philadelphia (must be within 25 miles of Philadelphia) · To ...

  • Motion Recruitment Partners LLC

    Security Analyst I

    4 days ago

    Motion Recruitment Partners LLC Philadelphia, United States

    Security Analyst I · Philadelphia, PA · Onsite · Contract · $80/hr - $90/hr · Looking for a super hands-on security analyst position? A local law firm is on the hunt for a security analyst to help support their SecOps team. You will be working with SIEM, DLP and EDR. This role is ...

  • Patterned Learning AI

    Application Security Analyst

    3 weeks ago

    Patterned Learning AI Philadelphia, United States

    Job Description · Application Security Analyst- Remote Job, 1+ Year Experience · Annual Income: $60K - $65K, Onsite · A valid work permit is necessary in the US/Canada · About us: Patterned Learning is a platform that aims to help developers code faster and more efficiently. ...

  • DLA Piper

    Information Security Analyst

    1 week ago

    DLA Piper Philadelphia, United States

    _DLA Piper is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Job applicant poster v ...