No more applications are being accepted for this job
- Develops security processes and procedures, supports service-level agreements (SLAs) to ensure that security controls are managed and maintained.
- Works with Information Security leadership to develop strategies and plans to enforce security requirements and address identified risks.
- Maintains knowledge of security best practices, threats and trends in information security and applies that when recommending controls within the ISO 27001 security framework.
- Researches and collaborates with others to implement system and application hardening procedures for physical, virtual and cloud resources.
- Participates in vulnerability analysis and collaborates with others to remediate or provide mitigation guidance, as necessary. Interfaces with Managed Security Services Provider and performs general threat analysis and escalation for identified risks and/or vulnerabilities.
- Completes third party risk assessments as needed.
- Implements and maintains security controls necessary to effectively report progress in maturing the Information Security Program
- Has working knowledge of current security tool set and defines operational parameters for their use and conducts regular reviews of tool output.
- Participates in internal initiatives for the implementation, use, and improvement of processes, procedures, guidelines, and metrics for security systems.
- Analyzes the results of audits to produce recommendations of acceptable risk and risk mitigation strategies.
- In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls.
- Provides technical leadership & mentoring to less senior members on the team.
- Plans and executes cybersecurity awareness events and communication campaigns. Monitors and reports on the effectiveness of security awareness initiatives.
- Assists with the collection, analysis, and presentation of cybersecurity program performance metrics and key risk indicators (KRIs). Documents and monitors mitigation strategies and risk management plans.
- Supports cross-functional teams in the implementation of regulatory controls and performs periodic gap assessments to validate compliance. Monitors compliance and reports effectiveness.
- Decision Impact: Dept.
- Department Responsibility: Single
- Budgetary Responsibility: No
- Direct Reports: No
- Indirect Reports: No
- Physical Requirements: N/A
- Minimum Bachelor's Degree in Computer Information Systems or equivalent degree/work experience
- GIAC certification preferred
- Related Functional Experience: Minimum of 2 years supporting enterprise-class security controls, processes and systems
- Familiarity with ISO 27000-series
IT Security Analyst - Tempe, United States - PulteGroup
Description
JOB SUMMARY:Works closely with the other members of the Information Security Team to establish plans and protocols to protect digital files and information systems against unauthorized access, modification and/or destruction. Will also work with the IT department and other business units to select and deploy technical controls to meet specific security requirements, define processes and standards to ensure that security configurations are maintained, and analyze logs from such controls to identify and respond to risks and threat activity.
PRIMARY RESPONSIBILITIES:
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law. We will provide a reasonable accommodation to a qualified applicant with a disability that will enable the individual to have an equal opportunity to participate in the application process and to be considered for a job.
This Organization Participates in e-Verify
Pulte Homes of Minnesota is an equal employment opportunity/affirmative action employer.
California Privacy Policy