Associate, Information Security

About The Position

Requirements

• Bachelor's Degree or equivalent work experience: Computer Science or equivalent field. - Required.
• 5+ Years Experience in information security, governance, IT audit, or risk management. - Required.
• 5+ Years SAS experience. - Required.
• English - Required.
• Knowledge of risk assessment tools, technologies, and methodologies; experience planning, researching, and developing security strategies, standards, and procedures strong understanding of information security, incident response, and networking/PC concepts
• Expertise in analyzing malware, eDiscovery, current threats/attacks, and vulnerability management
• Understanding of risk management needs and ability to design solutions based on detailed analysis and validation
• Strong knowledge of MIS reporting structures
• Advanced proficiency in Microsoft Office (Outlook, Word, Excel) and PowerPoint.
• Exceptional organizational skills and attention to detail
• Ability to work cooperatively in a team environment; strong analytical and problem-solving skills with sound judgment
• Ability to communicate concisely and effectively with executive management; strong written communication skills
• Presentation development skills with the ability to tailor messages to different audiences and present at all levels
• Strong interpersonal and relationship-building skills with mid- to senior-level stakeholders and cross-functional teams
• Leadership capability, including mentoring others; ability to deliver accurate results and meet commitments

Nice To Haves

• Established work history or equivalent demonstrated through a combination of work experience, training, military service, or education.
• Experience in Microsoft Office products.

Responsibilities

• Conduct penetration testing and vulnerability assessments across infrastructure, applications, networks, and web applications; partner with stakeholders to define, track, and close remediation plans.
• Plan, schedule, and execute security assessments using standard methodologies, delivering clear assessment reports and walkthroughs to stakeholders.
• Perform technical and application security testing across platforms and technologies (e.g., operating systems, databases, network devices, and web applications).
• Lead and serve as an escalation point for security projects, directing managers and senior technical staff to drive security improvements in a global environment.
• Act as a senior incident response resource, coordinating with technical teams on investigation, remediation, and communication.
• Oversee security infrastructure and operations, including vulnerability management, WAF, network monitoring, logging and correlation, DDoS protection, and IDS/IPS.
• Provide security consulting and risk assessments for complex business initiatives, evaluating control effectiveness and the impact of proposed changes.
• Contribute to security strategy through technology evaluation, proof of concepts, vendor assessments, solution recommendations, and security research.
• Develop, monitor, and present security metrics, reports, and dashboards for management, overseeing daily monitoring activities and issue resolution.