Senior Information Security Analyst

Summary

Join a prominent leader in the renewable energy sector as a Sr. Information Security Analyst in Fremont, CA. This role offers a significant impact in the security domain. Key responsibilities include security configuration, policy development, team collaboration, project participation, incident response, and liaison work for the cybersecurity team. You will develop and evaluate security solutions, stay updated on attack methods, and collaborate with internal and external partners. The position requires 5+ years of experience in information/cybersecurity or IT system administration with a security focus, along with expertise in incident response, compliance knowledge, and strong communication skills. Remote work flexibility within the United States is offered.

Requirements

• At least 5 years of experience in information/cybersecurity or IT system administration with a security focus
• Understanding of security requirements for implementing technical systems and monitoring them for unusual and suspicious activities
• Expertise in incident response and system monitoring and analysis
• Experience with compliance and framework requirements such as CCPA, GLBA, GDPR, HIPAA, SOX, CIS Controls, NIST CSF, COBIT, etc
• Ability to effectively communicate business risks related to cybersecurity
• Experience conducting risk and other assessments to protect the business and comply with privacy laws
• Knowledge of multiple computing platforms, including Windows, OSX, Linux, Unix, networks, and endpoints
• 5+ years of experience in Vulnerability and penetration testing engagements
• 5+ years of experience in Change management and project management
• 5+ years of experience in Creating policies, standards, and guidelines
• 5+ years of experience in Cyber Threat Intelligence (CTI) analysis
• 5+ years of experience in Creating and maintaining report dashboards
• 5+ years of experience in Working with 3rd party vendor security reviews and assessments

Responsibilities

• Assist with establishing security configuration standards for systems and business applications
• Create, maintain, and update security policies, processes, and procedures for systems and business applications
• Serve as a key member of the cybersecurity and change management teams
• Engage in both technical and non-technical projects requiring cybersecurity oversight, ensuring compliance with relevant policies, procedures, and standards
• Act as an additional member of the security team, supporting incident response (IR) activities alongside the IR and security operations center (SOC) teams
• Serve as a liaison for the cybersecurity team, improving the organization's overall security posture
• Develop, evaluate, test, and document security solutions and controls, working closely with team members to mitigate risks while enabling business innovation
• Stay ahead of cyber attackers by keeping up to date with the latest attack methods, continually learning and growing in the role
• Work collaboratively with internal and external partners, technology management, and business stakeholders
• Maintain vendor management standards, questionnaires, and documentation to comply with regulatory requirements
• Interface with internal and external parties for various assessments
• Recommend new security solutions and improve existing security controls without hindering business innovation

Preferred Qualifications

• (ISC)^2: CISSP, SSCP, CCSP, CGRC, ISSEP
• ISACA: CISA, CRISC, CGEIT, CSX-P
• CompTIA: Security+, CySA+

Benefits

Remote work flexibility within the United States