- Leads Information Security projects, including defining objectives, scope, and tasks
- Represents the Information Security team in projects internal and external to the department
- Defines and performs project-related tasks
- Leads Information Security risk and vulnerability assessment processes
- Counsels teams on the management of residual risk based on product, platform, or system design
- Researches the internal and external threat landscape, conducts vulnerability analysis on emerging risks to the organization, and recommends remediation activities to management and other teams
- Drafts and maintains risk and vulnerability assessment documentation
- Leads risk and vulnerability remediation efforts
- Leads data governance tasks
- Leads regulatory compliance tasks, processes, and audit functions (PCI, Data Privacy Law, HIPAA, etc.)
- Drafts and maintains compliance-related documentation
- Drafts and maintains Information Security policy, process, and procedure documentation
- Drafts and maintains Information Technology policy, process, and procedure documentation applicable to the broader Love's IT infrastructure
- Produces as-is and to-be process flows depicting process efficiencies and improvements
- Drafts and maintains security awareness training content and material for distribution across multiple delivery methods, including but not limited to computer-based training (CBT), e-mail, SharePoint sites, and live training
- Administers Information Security applications and platforms
- Works with third-party support and security equipment vendors
- Participates in the Computer Incident Response Team, as needed, typically focusing on lessons learned and post-event improvement
- Mentors SecGRC team members in sound information security processes to protect the confidentiality, integrity, and available of Love's information technology assets
- Other duties assigned as needed
- Education:
- Bachelor's Degree in Information Security, Information Technology, or a related discipline preferred
- ISC2 Certified Information Systems Security Professional (CISSP), ISACA Certified in Risk and Information Systems Control (CRISC), GIAC Information Security Professional (GISP), CompTIA Advanced Security Practitioner (CASP+), or other advanced security / compliance / IT generalist certification preferred
- Experience:
- Minimum of 5 years' experience in an Information Security role is preferred
- Advanced knowledge of Information Security principles and practices to include, but not limited to, the following areas: Security Architecture, Risk and Vulnerability Management, Cloud Platform Security, Network-Based Security, Host-Based Security, Public Key Infrastructure (PKI), Security Information and Event Management (SIEM), Encryption, Data Loss Prevention (DLP), Malware Prevention required
- Experience or knowledge in cloud-based security architecture is preferred
- General IT experience (System Admin, Network Admin, etc.) preferred
- Knowledge and understanding of Project Management principles and methodologies is a plus
- Knowledge and understanding of Software Development Lifecycle (SDLC) is a plus
- Skills:
- Extensive knowledge of information security best practices
- Knowledge of applicable data privacy practices and laws
- Ability to conduct research into issues and products as required
- Ability to prioritize/execute tasks and make sound decisions in a high-pressure, fast-moving environment
- Comfortable acting independently and making best-judgment decisions with limited information
- Strong interpersonal written and oral communication skills
- Ability to present ideas in a user-friendly language
- Highly self-motivated and directed
- Keen attention to detail
- Proven analytical and problem-solving abilities
- Ability to perform general mathematical calculations for the purpose of creating need assessments and budgets
- Strong customer service orientation; experience working in a team-oriented, collaborative environment
- Typical Physical Demands:
- Requires prolonged sitting, some bending and stooping
- Occasional lifting up to 25 pounds
- Manual dexterity sufficient to operate a computer keyboard and calculator
- Requires normal range of hearing and vision
- Gemini Motor Transport, one of the industry's safest trucking fleets.
- Speedco and Love's Truck Care, the largest oil change and preventive maintenance and total truck care network.
- Musket, a rapidly growing, Houston-based commodities supplier and trader.
- Trillium, a Houston-based alternative fuels expert.
- TVC Pro-driver, a commercial driver's license (CDL) protection subscription service.
-
Analyst III
2 weeks ago
Nelnet Oklahoma City, United States Paid WorkNelnet is a diversified and innovative company committed to enriching lives through the power of service as a student loan servicer, professional services company, consumer loan originator and servicer, payments processor, renewable energy solutions, and K-12 and higher education ...
-
IT Risk Analyst III
2 weeks ago
iTech Post Oklahoma City, United StatesThe IT Risk team functions include assessing and mitigating risk through internal risk assessments and risk assessments for 3rd party vendors, providing client sales management services, providing security awareness training, maintaining the phishing awareness program, and develo ...
-
Systems Analyst III
2 weeks ago
JVM Solutions Oklahoma City, United StatesJob Description · Job DescriptionJOB PURPOSE · JVM is seeking a highly skilled and experienced System Analyst III to join our team and perform a full range of scientific services with the Environmental Protection Agency (EPA) Region 6 (South Central) serving Arkansas, Louisiana, ...
-
IT Risk Analyst III
1 week ago
Knewin Oklahoma City, United StatesJob Details · Level : Experienced · Job Location : Oklahoma City Office - Oklahoma City, OK · Position Type : Full Time · Education Level : Bachelor's Degree · Salary Range : Undisclosed · Job Category : Information Technology · Description · The IT Risk team functions in ...
-
IT Risk Analyst III
2 weeks ago
PAYCOM PAYROLL LLC Oklahoma City, United StatesThe IT Risk team functions include assessing and mitigating risk through internal risk assessments and risk assessments for 3rd party vendors, providing client sales management services, providing security awareness training, maintaining the phishing awareness program, and develo ...
-
IT Risk Analyst III
4 weeks ago
PAYCOM PAYROLL LLC Oklahoma City, United StatesThe IT Risk team functions include assessing and mitigating risk through internal risk assessments and risk assessments for 3rd party vendors, providing client sales management services, providing security awareness training, maintaining the phishing awareness program, and develo ...
-
IT Risk Analyst III
3 weeks ago
PAYCOM PAYROLL LLC Oklahoma City, United StatesThe IT Risk team functions include assessing and mitigating risk through internal risk assessments and risk assessments for 3rd party vendors, providing client sales management services, providing security awareness training, maintaining the phishing awareness program, and develo ...
-
Cyber Security Analyst III
1 day ago
Love's Travel Stops Oklahoma City, United StatesReq ID: · BASIC PURPOSE : The Cyber Security Analyst III - SecGRC provides leadership, advice, and expertise to IT staff and other departments related to Information Security issues. The Analyst III represents Information Security interests in projects internal and external to t ...
-
Cyber Security Analyst III
2 weeks ago
Loves Travel Stops & Country Store Oklahoma City, United StatesReq ID: 439469 · BASIC PURPOSE: The Cyber Security Analyst III - SecGRC provides leadership, advice, and expertise to IT staff and other departments related to Information Security issues. The Analyst III represents Information Security interests in projects internal and externa ...
-
Application Security Analyst III
1 day ago
PAYCOM PAYROLL LLC Oklahoma City, United StatesThe Application Security Analyst position exists to protect the security posture of the Paycom application through tasks such as web application penetration testing, code review, tool use, and other measures. Additional tasks include work to develop or improve existing projects t ...
-
Application Security Analyst III
1 day ago
PAYCOM PAYROLL LLC Oklahoma City, United States Full timeThe Application Security Analyst position exists to protect the security posture of the Paycom application through tasks such as web application penetration testing, code review, tool use, and other measures. Additional tasks include work to develop or improve existing projects t ...
-
IT Risk Analyst III
2 weeks ago
Paycom Payroll Llc Oklahoma City, OK, US, United States Full timeThe IT Risk team functions include assessing and mitigating risk through internal risk assessments and risk assessments for 3rd party vendors, providing client sales management services, providing security awareness training, maintaining the phishing awareness program, and develo ...
-
it risk analyst iii
2 weeks ago
PAYCOM PAYROLL LLC Oklahoma City, United StatesThe IT Risk team functions include assessing and mitigating risk through internal risk assessments and risk assessments for 3rd party vendors, providing client sales management services, providing security awareness training, maintaining the phishing awareness program, and develo ...
-
IT Risk Analyst III
3 weeks ago
iTech Post Oklahoma City, United StatesThe IT Risk team functions include assessing and mitigating risk through internal risk assessments and risk assessments for 3rd party vendors, providing client sales management services, providing security awareness training, maintaining the phishing awareness program, and develo ...
-
IT Risk Analyst III
1 week ago
PAYCOM PAYROLL LLC Oklahoma City, United StatesThe IT Risk team functions include assessing and mitigating risk through internal risk assessments and risk assessments for 3rd party vendors, providing client sales management services, providing security awareness training, maintaining the phishing awareness program, and develo ...
-
IT Risk Analyst III
1 week ago
Paycom Oklahoma City, United StatesJob Details · Level · Experienced · Job Location · Oklahoma City Office - Oklahoma City, OK · Position Type · Full Time · Education Level · Bachelor's Degree · Travel Percentage · None · Job Shift · Day · Job Category · Information Technology · Description · The IT Risk ...
-
Financial Analyst III
1 week ago
Rocket Software Oklahoma City, United StatesIt's fun to work in a company where people truly BELIEVE in what they're doing · Job Description Summary: · The successful candidate will be responsible for providing reporting and analysis on Rocket's ARR and renewals against forecasts and budgets. This is a highly visible role ...
-
IT Risk Analyst III
3 weeks ago
Knewin Oklahoma City, United StatesJob Details · Level : Experienced · Job Location : Oklahoma City Office - Oklahoma City, OK · Position Type : Full Time · Education Level : Bachelor's Degree · Salary Range : Undisclosed · Travel Percentage : None · Job Shift : Day · Job Category : Information Technology ...
-
IT Risk Analyst III
4 weeks ago
Paycom Payroll Llc Oklahoma City, OK, United States Full timeThe IT Risk team functions include assessing and mitigating risk through internal risk assessments and risk assessments for 3rd party vendors, providing client sales management services, providing security awareness training, maintaining the phishing awareness program, and develo ...
-
Operations Analyst III
2 weeks ago
Trustmark Oklahoma City, United States Paid WorkTrustmark's mission is to improve wellbeing – for everyone. It is a mission grounded in a belief in equality and born from our caring culture. It is a culture we can only realize by building trust. Trust established by ensuring associates feel respected, valued and heard. At Trus ...
Cyber Security Analyst III - Oklahoma City, United States - Love's Travel Stops
Description
Req ID: 439469
BASIC PURPOSE : The Cyber Security Analyst III - SecGRC provides leadership, advice, and expertise to IT staff and other departments related to Information Security issues. The Analyst III represents Information Security interests in projects internal and external to the department, performs risk and vulnerability assessments of new and existing applications and platforms, directs security-related data governance tasks, ensures compliance with applicable regulatory requirements, creates policy and process documentation, and otherwise contributes to the development and maintenance of a sound Information Security program. The Analyst III mentors less-experienced Information Security staff and may direct the activity of other SecGRC team members. The Cyber Security Analyst III - SecGRC reports to the Supervisor of Information Security - SecGRC.
MAJOR RESPONSIBILITIES:
EDUCATION AND EXPERIENCE:
SKILLS AND PHYSICAL DEMANDS:
Job Function(s): Information Technology
Love's has been fueling customers' journeys since 1964. Innovation and perseverance continue to lead the way for the family-owned and -operated business headquartered in Oklahoma City with more than 40,000 team members in North America and Europe. The company's core business is travel stops and convenience stores with more than 630 locations in 42 states. Love's continues its commitment to offer products and services that provide value for professional drivers, fleets, four-wheel customers, RVers, alternative fuel and wholesale fuel customers. Giving back to communities Love's serves and maintaining an inclusive and diverse workplace are hallmarks of the company's award-winning culture.
The Love's Family of Companies includes:
EOE-Protected Veterans/Disability
Cyber Security Analyst III professionals in Oklahoma City
-
Maria Collado Rivera
Bilingual (Spanish) Human Resources
-
Taylor Drake
DII Graduate Assistant Women’s Basketball Coach