security Compliance analyst - with free covid-19 vaccinationTaskUs Ph
Overview:
So what does a Security Compliance Analyst really do? Think of yourself as the one who plays a pivotal role in the oversight and implementation of system-wide information security strategies and solutions. You will have a significant role in performing audits, tracking vulnerability assessments, testing security, and working with operations teams on remediation and mitigation of audit findings.
Key Responsibilities:
You will evaluate and design security solutions; and work with technicians throughout the company in implementing, maintaining and constantly improving information security practices, while managing and maintaining efforts in the areas of Information Security, Governance, Risk and Compliance.
You will manage and improve overall IT/Security Monitoring and Incident Response programs using processes, procedures, and automation.
You will work to support the Security Compliance Manager in handling the assessment and integration of security controls of the entire corporate environment in line with applicable requirements from PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001.
You will be responsible for policy assessment of endpoint and network security appliances, hardware and software, enforcing the TaskUs security policies and complying with requirements of internal and external security audits and recommendations.
You will support the management of all enterprise security compliance requirements including PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001. This will include serving as audit liaison, compiling all evidence/documentation requests and reporting on the progress of audits to InfoSec and IT leadership.
You will also serve as a key administrator for Cloud Access Security Broker policy management; support in the development and implementation of a corporate security & compliance awareness program; develop training and awareness efforts for employees, contractors and visitors - to establish a "culture of security" to prevent or mitigate security incidents; and conduct research on emerging practices, services, protocols, and standards - in support of system security and compliance enhancement and development efforts.
You will work to ensure security compliance with applicable regulations and other state and federal laws, keeping current on US, Philippines and international laws of operating countries, and industry regulations regarding data privacy and security.
You will be expected to assist in the development and maintenance of security operations procedures and processes, as well as work with the business units outside of InfoSec to formally document policies and procedures. You will recommend and support the deployment of additional security products and tools, or enhancements to existing tools, to mitigate security risk and detect/remediate compromises.
You must be able to work with security engineers for the optimal configuration of the network and host-based security platforms - aligned with compliance requirements; provide Incident Response support, as needed, for information security related events.
In the event of security incident response, you will participate in the analysis, troubleshooting, and investigation of security-related, information systems anomalies, based on security platform reporting, network traffic, log files, host-based and automated security alerts.
You will evaluate systems using vulnerability scanners and manual techniques to verify system security settings and configurations. This may include participation in DRP exercises and continuous improvement processes; assist in the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements.
Do you think you have what it takes to become a Security Compliance Analyst?
Requirements:
So, here's what we're looking for!
Since this is a Security Analyst post, we would need someone who possesses the demonstrated skills to even call themselves one. We would need someone with at least 6 years experience, two of which are focused on IT security and/or IT audit. You must have in-depth and hands-on experience with at least 2 of the following compliance requirements: PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001; must possess a strong understanding of enterprise, network, system and application level security issues; functional awareness of both Linux-based and MS Windows-based system platforms; possess a strong IT technical understanding and aptitude for analytical problem-solving; understand enterprise computing environments, distributed applications, and understanding of TCP/IP networks.
If you have previous background working on system hardening processes, tools, guidelines and benchmarks; experience with DLP policy and vulnerability management scanning platforms; and experience with Cloud Access Security Broker solutions, then that would be a distinct advantage!
Besides possessing a Bachelor's degree in MIS/Computer Science or Business and/or a combination of education and relevant experience, you must have an industry recognized information security certification, such as CISA, CISM, CISSP, SSCP ,CCIE or CEH. Finally, if you have good Project Management skills with the ability to self-start projects; and able to handle sensitive and/or confidential material and information with suitable discretion, then we want to talk to you!
Workbank
So what does a Security Compliance Analyst really do? Think of yourself as the one who plays a pivotal role in the oversight and implementation of system-wide information security strategies and solutions. You will have a significant role in performing audits, tracking vulnerability assessments, testing security, and working with operations teams on remediation and mitigation of audit findings.
Key Responsibilities:
You will evaluate and design security solutions; and work with technicians throughout the company in implementing, maintaining and constantly improving information security practices, while managing and maintaining efforts in the areas of Information Security, Governance, Risk and Compliance.
You will manage and improve overall IT/Security Monitoring and Incident Response programs using processes, procedures, and automation.
You will work to support the Security Compliance Manager in handling the assessment and integration of security controls of the entire corporate environment in line with applicable requirements from PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001.
You will be responsible for policy assessment of endpoint and network security appliances, hardware and software, enforcing the TaskUs security policies and complying with requirements of internal and external security audits and recommendations.
You will support the management of all enterprise security compliance requirements including PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001. This will include serving as audit liaison, compiling all evidence/documentation requests and reporting on the progress of audits to InfoSec and IT leadership.
You will also serve as a key administrator for Cloud Access Security Broker policy management; support in the development and implementation of a corporate security & compliance awareness program; develop training and awareness efforts for employees, contractors and visitors - to establish a "culture of security" to prevent or mitigate security incidents; and conduct research on emerging practices, services, protocols, and standards - in support of system security and compliance enhancement and development efforts.
You will work to ensure security compliance with applicable regulations and other state and federal laws, keeping current on US, Philippines and international laws of operating countries, and industry regulations regarding data privacy and security.
You will be expected to assist in the development and maintenance of security operations procedures and processes, as well as work with the business units outside of InfoSec to formally document policies and procedures. You will recommend and support the deployment of additional security products and tools, or enhancements to existing tools, to mitigate security risk and detect/remediate compromises.
You must be able to work with security engineers for the optimal configuration of the network and host-based security platforms - aligned with compliance requirements; provide Incident Response support, as needed, for information security related events.
In the event of security incident response, you will participate in the analysis, troubleshooting, and investigation of security-related, information systems anomalies, based on security platform reporting, network traffic, log files, host-based and automated security alerts.
You will evaluate systems using vulnerability scanners and manual techniques to verify system security settings and configurations. This may include participation in DRP exercises and continuous improvement processes; assist in the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements.
Do you think you have what it takes to become a Security Compliance Analyst?
Requirements:
So, here's what we're looking for!
Since this is a Security Analyst post, we would need someone who possesses the demonstrated skills to even call themselves one. We would need someone with at least 6 years experience, two of which are focused on IT security and/or IT audit. You must have in-depth and hands-on experience with at least 2 of the following compliance requirements: PCI DSS, SOC 2, HIPAA/HITRUST and ISO 27001; must possess a strong understanding of enterprise, network, system and application level security issues; functional awareness of both Linux-based and MS Windows-based system platforms; possess a strong IT technical understanding and aptitude for analytical problem-solving; understand enterprise computing environments, distributed applications, and understanding of TCP/IP networks.
If you have previous background working on system hardening processes, tools, guidelines and benchmarks; experience with DLP policy and vulnerability management scanning platforms; and experience with Cloud Access Security Broker solutions, then that would be a distinct advantage!
Besides possessing a Bachelor's degree in MIS/Computer Science or Business and/or a combination of education and relevant experience, you must have an industry recognized information security certification, such as CISA, CISM, CISSP, SSCP ,CCIE or CEH. Finally, if you have good Project Management skills with the ability to self-start projects; and able to handle sensitive and/or confidential material and information with suitable discretion, then we want to talk to you!
Workbank
Other Info
Antipolo City, Rizal
Permanent
Full-time
Permanent
Full-time
Submit profile
TaskUs Ph
About the company
Position security Compliance analyst - with free covid-19 vaccination recruited by the company TaskUs Ph at Rizal, Antipolo, Joboko automatically collects the salary of , finds more jobs on Security Compliance Analyst - with FREE COVID-19 Vaccination or TaskUs Ph company in the links above
About the company