This site uses cookies. To find out more, see our Cookies Policy

Start Your Job Search:

View All Jobs at TA-Petro

Information Security Analyst in Westlake, OH at Travel Centers of America Petro

Date Posted: 2/12/2019

Job Snapshot

Job Description

Job Brief

The Information Security Analyst is responsible for providing security solutions. His or her main duties include doing research, collecting data, developing security strategies, and maximizing productivity.  The Security Analyst is also in charge of implementing security principles while following strict privacy policies. The Information Security Analyst has advanced skills pertaining to finding security threats and other vulnerabilities.  He or she conducts assessments of enterprise environments and frequently monitors logs and computer traffic.

The Information Security Analyst coordinates update initiatives for existing technologies to minimize downtime and avoid security contingencies.  He or she documents security breaches and proceeds according to company rules.  The Information Security Analyst must know how to effectively operate company infrastructure and tools as it relates to security.

The Information Security Analyst will be responsible for day to day management of information security tools as well as triage and investigation of information security events.  This will involve creation and refinement of standard operating procedures.

Duties and Responsibilities

  • Take ownership of a variety of technologies, including internet security, Intrusion Prevention System (IPS)/Intrusion Detection System (IDS), Security Incident and Event Manager (SIEM), vulnerability tools, and other security technologies.
  • Review and analyze security logs to identify anomalies and suspicious activities within network.
  • Monitor, track, and document information security issues and threats to ensure prompt resolution and root cause analysis as needed.
  • Support audit efforts related to information security.
  • Recommend and implement new tool sets and practices with regards to information security.
  • Provide security consultation and architecture review on projects to business and IT groups.
  • Provide project management for small to medium sized security implementations.
  • Adhere to all company and regulatory policies and procedures, including but not limited to Sarbanes-Oxley IT General Controls and Payment Card Industry Data Security Standards.
  • Other work as designated

Qualifications

  • Undergraduate degree in computer information technology, computer engineering, or related degree, or equivalent experience.
  • Professional certifications preferred (e.g., Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), System Security Certified Practitioner (SSCP), etc.)
  • Minimum of 3+ years’ experience in Information Security.
  • Familiarity with regulatory and legal requirements (e.g., Sarbanes-Oxley 404 (SOX), Payment Card Industry Data Security Standards (PCI-DSS)).
  • Familiarity with common Web Application Security risks (e.g., Cross Site Scripting, SQL Injection, Authentication and Session Management)
  • Knowledge of security and risk frameworks, standards, and best practices (i.e. PCI, ISO, COBIT).
  • Knowledge of and implementation experience with security technologies and architecture, including encryption, network security, firewall configuration, intrusion detection, data loss prevention and application security.
  • Experience in vulnerability management, including testing, scanning, and patching.
  • Excellent time management skills, and the ability to prioritize and multi-task.
  • Ability to work efficiently and independently with minimal supervision (i.e. self-motivated and willing to stretch to meet important deadlines).
  • Ability to work successfully in a cross-functional team environment.

Not Ready to Apply Yet?

Why not join our talent network! Talent Networks enhance your job search and application process. Whether you choose to apply or just leave your information, we look forward to staying connected with you.