Sr. Information Security Analyst

1 month ago

Dobbs Ferry, United States Quorum Full time
Who is Quorum?

Quorum Federal Credit Union is a national employer of choice that attracts, develops, enables, and retains the right resources to drive the organization forward. We are a human-centered organization that delivers a positive work journey and is committed to enhancing the lives of our employees and helping them to grow personally and professionally. We offer a unique value proposition to employees including Total Rewards, Work Journey, Work Paradigm, and Q-DNA to improve work-life balance and help employees live happier, more productive lives while contributing to our mission.

Job Description Summary

The Sr. Information Security Analyst plays a pivotal role in safeguarding sensitive data and fortifying our technology infrastructure, networks, and systems against an ever-evolving landscape of cyber threats. As a result, this position demands a unique blend of hands-on IT technical engineering expertise and business acumen with a focus on developing and implementing robust cybersecurity policies, procedures, and controls.In this role, you will have the opportunity to contribute to the organization's cybersecurity roadmap and priorities as well as foster cybersecurity awareness, education, and training for employees. Your analytical and problem-solving skills will be essential as you proactively monitor and assess cybersecurity threats, enabling you to implement effective mitigation measures and promptly resolve any information security issues that may arise.

The Sr. Information Security Analyst will also partner with our outsourced Technology Managed Services Provider, ensuring strict oversight to guarantee the fulfillment of contracted services. You will collaborate on matters pertaining to security tools, network monitoring, endpoint data protection, identity management, vulnerability/patch management, and incident response, upholding the highest standards of security throughout our organization.

Key Job Responsibilities and Accountabilities

  • Oversees the development, execution of information security policies, procedures, and controls to protect our organization's information systems, networks, and the confidentiality of data assets and sensitive information.
    • Ensures compliance with relevant regulations and industry standards including activities such as conducting internal audits, coordinating external audits, and ensuring adherence to compliance requirements.
    • Drives continuous improvement by proactively identifying and addressing Information security risks and vulnerabilities.
    • Communicates and collaborates with key stakeholders, within IT, executive management, and external partners or vendors.
  • Monitors effectiveness of security tools / processes and reports on the status of security services related to: Endpoint Intrusion Detection/Response, Endpoint Anti-Virus Malware, Vulnerability, SIEM and Patch management, Firewall Rules, Email Anti-Spam Quarantine, DLP, Identity Management, etc.
    • Responsible to configure and manage security tools, where applicable.
  • Provides vendor management oversight with our Technology Managed Services provider and other security vendor services to ensure adequate processes and controls are in place to monitor, detect and prevent cybersecurity incidents and threats. Monitors adherence to established service level agreements in conjunction with our Information Security and Vendor Management Policies.
  • Monitors and analyzes threat intelligence sources and conducts periodic technology risk assessments to identify emerging threats and vulnerabilities. Maintains the IT cybersecurity risk register and associated remediation action plans.
  • Prepares and delivers regular status health reports on security operations, vulnerabilities and risks, phishing and other securityincident response activities, and compliance audit efforts to management. This includes tracking and communicating security-related information to relevant stakeholders as well as executive briefs to senior management.
  • Develops and implements Information Security education and awareness training programs across the organization.
    • Creates training materials, conducts regular training sessions, and measures the effectiveness of the training program.
    • Manages projects along with related communications and content to support deployment and employee training and awareness programs.
  • Monitors, analyzes, and reports on employee engagement and security awareness as well as provides recommendations to management for improvements.
  • Ensures cybersecurity awareness benefits are clearly visible and champions related efforts going forward across the organization.
    • Manages the employee Phishing testing program and related analytics and reporting to assess the success of the program.
  • Performs technology security architecture evaluations to assess for vulnerabilities and weaknesses, recommending appropriate security technologies and solutions to enhance the organization's security posture.
    • Manages changes related to technology upgrades and other changes to the information security environment.
    • Performs cybersecurity risk assessments related to implementation of new technology and recommends appropriate controls to mitigate risk.
  • Performs vendor due diligence information security risk assessments and SOC audit reviews.
  • Manages response and mitigation actions related to audit findings conducted by internal audit, regulatory agencies or by other third parties.
  • Monitors and audits Identity management and user access privileges across Active Directory, Azure and all Single Sign-on SSO connectors.
  • Functions as a project manager on departmental and/or organization wide projects. Leads discovery and information gathering sessions. Conducts analysis and presents business case to management encompassing benefits, risks, cost, and solution recommendation. Manages the project plan inclusive of tasks, assignees, and project status updates. Contributes subject matter expertise in his/her assigned area, executes deliverables, and ensures the team completes project deliverables as outlined based on the project scope and requirements.
  • Creates and maintains Information Security documentation (policies and procedure; end-user guides, system administrator guides, etc.) using clear and concise language.
  • Supports adherence and adoption of IT policies, procedures, and governance standards.
  • Performs additional duties as required.
Job Requirements, Competencies, and Skills
  • Bachelor's degree in computer science, information technology or other related degree is strongly preferred, however a combination of education and related work experience may be considered.
  • The position has the following minimum requirements:
    • Seven plus years of Information Technology experience.
    • Four plus years of demonstrated "hands-on" information security engineering experience.
    • Two plus years of demonstrated "hands-on" experience running Azure Cloud security products and tools (e.g., MS Defender, XDR, Sentinel, Purview, Entra, Azure Logs, etc.).
    • Certified Information Systems Security Professional (CISSP) and or Certified Information Security Manager (CISM).
  • In-depth knowledge of security technologies and tools, such as networking, firewalls, intrusion detection and prevention systems, endpoint protection, Patching, vulnerability, DLP and identity Management tools and processes.
  • Technical knowledge and experience with Azure Cloud PaaS and SaaS technologies and M365 environments.
  • Knowledge of relevant regulations and standards, such as FFIEC, SOX, PCI, NIST or NCUA / OCC preferred.
  • Technical knowledge of Windows server and desktop operating systems and related technologies. Experience supporting virtualized environments, particularly Virtual Desktop Infrastructure using Citrix and Azure VMs.
  • Good understanding of network protocols (for example: TCP/IP, DNS, DHCP etc.)
  • Experience using ITIL Service Management based ticketing systems.
  • Excellent written communication and interpersonal skills, with demonstrated ability to formally package and present business case risk and or solutions to management stakeholders.
  • Results Driven, Adaptive Thinking, Digital Proficiency.
  • Excellent problem-solving, analytical, and time management skills.
  • Ability to provide IT service support and respond to incident alert notifications during off hours, on a rotational basis, is required.
  • Ability to physically lift, carry and install equipment weighing up to 25 lbs.
Environmental / Physical / Mental Requirements
  • Stable internet connection with speeds high enough for video conferencing and screen sharing.
  • Smartphone with current iOS/Android OS
  • Prolonged periods sitting at a workstation and working on a computer.
  • Ability to communicate with coworkers and customers via email, chat, teleconference, and/or phone.
Compliance/legal requirements
  • Quorum is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will be considered for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, marital status, protected veteran status, or disability status.
  • Quorum will make reasonable accommodations in compliance with the Americans with Disabilities Act of 1990. Reasonable accommodations are available upon request for qualified individuals with disabilities throughout the application and employment process.


**PLEASE NOTE**

We are not able to consider candidates for this role who reside in Montana, Nebraska, Rhode Island, or Puerto Rico

Salary Range: $100,000 to $115,000 annually.Individual salary will vary based on skills and experience.Discretionary incentive compensation may be available based on company and individual performance.

Benefits: Medical, Vision, Dental, Retirement Benefits, and Paid Time Off (PTO)

#LI-Remote

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)

  • Hybrid Security Design Assessment Analyst

    1 day ago

    Little Ferry, United States Shuvel Digital Full time

    Location: Arlington, VA Clearance: DoD Secret Certification: CompTIA Sec+ is required. ** ** Job Description: The Security Design Assessment analyst will provide support to the Security Design Architecture Team. Ensure design solution complies with security requirements at a solution, system, or network level and enforces implementation of common security...

  • Public Health Research Analyst SLRs Remote US

    1 day ago

    Little Ferry, United States ICA Corporation Full time

    Research Analyst II, Systematic Reviews - International Consulting Associates, Inc. (Remote) About ICA International Consulting Associates, Inc. is a rapidly growing company, located in Arlington, VA/DC metro area. We were founded in 2009 to assist firms with evaluating and achieving their objectives. We have become a trusted advisor to our clients by...

  • Senior IAM Analyst

    1 day ago

    Little Ferry, United States CORDOVA Full time

    Delivering Technology Solutions! IAM Analyst The Senior Identity & Access Management (IAM) Analyst is a cybersecurity specialist guarding the organization's information systems. The right candidate will plan, implement, and maintain IAM solutions to secure electronic data. This problem-solving role requires expertise in SailPoint and Delinea to configure IAM...

  • Security Engineer

    7 days ago

    Little Ferry, United States CYDERES Full time

    About The Company Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the in...

  • Senior Security Engineer

    1 month ago

    Little Ferry, United States Cetera Financial Group Full time

    A company is looking for a Senior Security Engineer - SOC. Key Responsibilities: Monitor security events and alerts from various sources Analyze and investigate security incidents Configure and maintain Splunk platform for efficient log aggregation Required Qualifications: 5 years of experience as a SOC Engineer/Analyst or in a similar role Knowledge and...

  • Senior Security Engineer

    4 weeks ago

    Little Ferry, United States Cetera Financial Group Full time

    A company is looking for a Senior Security Engineer - SOC. Key Responsibilities: Monitor security events and alerts from various sources Analyze and investigate security incidents Configure and maintain Splunk platform for efficient log aggregation Required Qualifications: 5 years of experience as a SOC Engineer/Analyst or in a similar role Knowledge and...

  • Operation Technician

    2 weeks ago

    Dobbs Ferry, United States The Children's Village Full time

    **Position Overview**: Performs a wide variety of general and semi-skilled maintenance activities (e.g. carpentry, painting, plastering and drywall, electrical, lighting, heating and ventilating systems, alarms, plumbing, security etc.) for the purpose of completing projects within established time frames and providing a safe and workable environment....

  • Senior Business Analyst

    1 day ago

    Little Ferry, United States JPC Partners Full time

    JPC is looking for a Senior Business Analyst (Salesforce) to support our client's Salesforce implementation team and help them meet business needs in an organized, proactive approach. As a Sr. BA - Business Process Modeling and Salesforce Specialist, you will play a crucial role in analyzing and improving business processes, translating business needs into...

  • Operations Technician

    4 weeks ago

    Dobbs Ferry, United States The Children's Village Full time

    **Position Overview**: Performs a wide variety of general and semi-skilled maintenance activities (e.g. carpentry, painting, plastering and drywall, electrical, lighting, heating and ventilating systems, alarms, plumbing, security etc.) for the purpose of completing projects within established time frames and providing a safe and workable environment....

  • Operation Technician

    3 days ago

    Dobbs Ferry, United States The Children's Village Full time

    Job DescriptionJob DescriptionPosition Overview:Performs a wide variety of general and semi-skilled maintenance activities (e.g. carpentry, painting, plastering and drywall, electrical, lighting, heating and ventilating systems, alarms, plumbing, security etc.) for the purpose of completing projects within established time frames and providing a safe and...

  • Operation Technician

    2 weeks ago

    Dobbs Ferry, United States The Children's Village Full time

    Job DescriptionJob DescriptionPosition Overview:Performs a wide variety of general and semi-skilled maintenance activities (e.g. carpentry, painting, plastering and drywall, electrical, lighting, heating and ventilating systems, alarms, plumbing, security etc.) for the purpose of completing projects within established time frames and providing a safe and...

  • Revenue Senior Analyst

    2 days ago

    Little Ferry, United States NetWrix Full time

    About The Role Netwrix is seeking a highly motivated Senior Revenue Analyst to join our Corporate Revenue team. In this role, you will be responsible for revenue accounting and partner with Sales Operations, Sales, Legal and Product teams to provide revenue recognition guidance on a variety of areas including contract reviews and non-standard sales deals....

  • Sr. HR Project Manager Business Analyst

    1 day ago

    Little Ferry, United States Talentify.io Full time

    Job Summary As a PM/BA (Project Manager/Business Analyst) in the HR Transformation team, you will work with your stakeholders to understand issues they would like resolved or processes they want improved with the use of technology. This role will lead, plan and manage the Talent Development & Learning business transformation programs, including the overall...

  • Student Records Specialist

    4 weeks ago

    Dobbs Ferry, United States Mercy University Full time

    **Job Posting Summary**: Mercy University Registrar’s Office ensures the integrity and security of academic records and provides enrollment and academic support through innovative processes, complex systems and outstanding customer service to students, campus partners, and other collaborators. Mercy University’s Registrar’s Office (RO) is seeking a...

  • Student Records Specialist

    18 hours ago

    Dobbs Ferry, United States Mercy University Full time

    **Job Posting Summary**: Mercy University Registrar’s Office ensures the integrity and security of academic records and provides enrollment and academic support through innovative processes, complex systems and outstanding customer service to students, campus partners, and other collaborators. Mercy University’s Registrar’s Office (RO) is seeking a...

  • Night Auditor

    2 weeks ago

    Dobbs Ferry, United States Island Hospitality Full time

    Job Type Part-time Description Our team is looking to add a motivated Night Auditor to manage all aspects of front desk operations and be a key person of reference for our guests and vendors. To be successful in this role, you will need to extend professionalism and courtesy, have outstanding communication skills, and have the ability to work in a fast-paced...

  • Lead Data Engineer

    1 week ago

    Little Ferry, United States Dice Full time

    Dice is the leading career destination for tech experts at every stage of their careers. Our client, Iceberg, is seeking the following. Apply via Dice today! My client is a leading innovator in financial technology and trading, dedicated to pushing the boundaries of technology to create impactful solutions. We are currently seeking a talented Lead Data...

  • HRIS Data Analyst

    4 weeks ago

    Little Ferry, United States Altasciences Full time

    Your New Company! At Altasciences we all move in unison to assist and work in the discovery, development, and manufacturing of new drug therapies to get them faster to people who need them. No matter your role, we all play an important part and you will have a significant impact on the health and well-being of people across the globe. By living our values of...

  • Sr Marketing Strategy Manager

    2 weeks ago

    Little Ferry, United States Five Below Full time

    Position: Sr. Marketing Strategy Manager Location: Philadelphia, PA Hybrid - This role will be in office weekly JOB DESCRIPTION: Five Below is hiring for a Sr. Marketing Strategy Manager to be a part of the Digital Marketing team reporting to the Director, Digital Marketing. While Five Below has a hybrid work culture, the candidate will preferably be based...

  • Sr. Software Engineer

    1 day ago

    Little Ferry, United States Three Ships Full time

    About the Role Home Solutions is seeking a Senior Software Engineer to join our fast-growing auto business. As a member of the team, you’ll work closely with our senior leadership and other team members to implement new data pipelines, expand our growing data infrastructure, and lead the development of new on-site capabilities across multiple domains. If...