BlueCrest
DEPARTMENT SUMMARY
BlueCrest Information Technology is an organization with global presence and with a staff spanning IT verticals such as Cloud infrastructure, Cyber Security, Network, Mobile/Workstation, Application Development, Service Delivery, Learning Management, etc. We maintain industry best practice in the technology we manage with a focus on technology and process innovation, our cyber security posture and high system availability. BlueCrest IT is ISO 27001:2022 and SOC 2: Type 2 Certified and we follow NIST standards and CIS benchmarks as appropriate.
POSITION SUMMARY The Senior IT Security Analyst will be responsible for implementing and maintaining a cyber security program, which includes procedures and policies designed to protect enterprise communications, systems, and assets from both internal and external threats. They will direct efforts in areas such as Cloud and endpoint security, web security, vulnerability management and access control, and lead annual IT audits and Certification efforts for the organization.
CORE RESPONSIBILITIES
Act as first point of communication/escalation for cybersecurity incidents.
Collaborate with MSP vendor during incident response; oversee lessons learned and root cause analysis.
Advise on security considerations during project planning and implementation.
Recommend, Implement and maintain security measures.
Direct MSP vendor efforts in endpoint security, web security, vulnerability management, access management, and overall protection of Customer’s information systems.
Monitor user behavior and information in line with Customer policies and practices.
Ensure compliance with frameworks and lead cybersecurity audits (including ISO 27001, SOC 2) and regulatory reviews, and respond to customer questionnaires.
Establish Governance and maintain cybersecurity policies in alignment with certification requirements, and in accordance with industry best practice standards including NIST & CIS.
Collaborate with vendor SOC, SDM, TSM, CSM/ISSO, and cloud architects to maintain a secure environment.
Ensure service levels are met, and security incidents receive appropriate responses.
KEY RELATIONSHIPS The role will collaborate with MSP vendor personnel, IT personnel, Chief Legal Officer, and Chief Human Resource Officer as well as with the Software Engineering and Software Development groups.
Qualifications MINIMUM:
6 years experience
CompTIA Security+
SSCP
Bachelor’s degree or equivalent
PREFERRED:
8+ years experience
CISM / CISSP
ISC2 Membership
GCIH
Master’s degree or higher
#J-18808-Ljbffr
POSITION SUMMARY The Senior IT Security Analyst will be responsible for implementing and maintaining a cyber security program, which includes procedures and policies designed to protect enterprise communications, systems, and assets from both internal and external threats. They will direct efforts in areas such as Cloud and endpoint security, web security, vulnerability management and access control, and lead annual IT audits and Certification efforts for the organization.
CORE RESPONSIBILITIES
Act as first point of communication/escalation for cybersecurity incidents.
Collaborate with MSP vendor during incident response; oversee lessons learned and root cause analysis.
Advise on security considerations during project planning and implementation.
Recommend, Implement and maintain security measures.
Direct MSP vendor efforts in endpoint security, web security, vulnerability management, access management, and overall protection of Customer’s information systems.
Monitor user behavior and information in line with Customer policies and practices.
Ensure compliance with frameworks and lead cybersecurity audits (including ISO 27001, SOC 2) and regulatory reviews, and respond to customer questionnaires.
Establish Governance and maintain cybersecurity policies in alignment with certification requirements, and in accordance with industry best practice standards including NIST & CIS.
Collaborate with vendor SOC, SDM, TSM, CSM/ISSO, and cloud architects to maintain a secure environment.
Ensure service levels are met, and security incidents receive appropriate responses.
KEY RELATIONSHIPS The role will collaborate with MSP vendor personnel, IT personnel, Chief Legal Officer, and Chief Human Resource Officer as well as with the Software Engineering and Software Development groups.
Qualifications MINIMUM:
6 years experience
CompTIA Security+
SSCP
Bachelor’s degree or equivalent
PREFERRED:
8+ years experience
CISM / CISSP
ISC2 Membership
GCIH
Master’s degree or higher
#J-18808-Ljbffr