The Senior IT Security Analyst is responsible for assessing information risk and facilitates remediation of identified vulnerabilities for IT security and IT risk across the enterprise. Assesses information risk and facilitates remediation of identified vulnerabilities with the network, systems and applications. Reports on findings and recommendations for corrective action. Performs vulnerability assessments as assigned utilizing IT security tools and methodologies. Performs assessments of the IT security/risk posture within the IT network, systems and software applications, in addition to assessments within the Vendor Management Program. Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk scenarios. Facilitates and monitors performance of risk remediation tasks, changes related to risk mitigation & reports on findings. Maintains oversight of IT and vendors regarding the security maintenance of their systems and applications. Provides weekly project status reports, including outstanding issues. The IT Security/Risk Analyst assists in all IT audits, IT risk assessments and regulatory compliance.
- Management of IT security and IT risk (e.g., data systems, network and/or web) across the enterprise.
- Address questions from internal and external audits and examinations.
- Develop policies, procedures and standards that meet existing and newly developed policy and regulatory requirements including SOX, PCI, and/or FFIEC guidance.
- Facilitate IT security/risk training curriculum.
- Serve as project manager/lead within IT security projects.
- Promote awareness of applicable regulatory standards, upstream risks and industry best practices.
Education, Skills and Experience
Bachelor’s Degree in Information Systems, Computer Science, Information Security or related field required.
- 7-10 years IT security or information security experience with a proven ability to engage with Senior Management and regulators.
- 4+ years experience conducting IT compliance assessments (Sarbanes-Oxley, PCI, etc.)
- 4+ years experience in administering IT security controls in an organization.
- Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk.
Must be able to pass background and drug testing. Must be able to obtain a Public Trust Clearance.
About Allied Technologies and Consulting
Allied Technologies and Consulting, LLC is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.
Equal Opportunity is the Law
Equal Opportunity is the Law Supplement
Pay Transparency Nondiscrimination Provision
Send resume to
Allied Technologies & Consulting, LLC
100 Tuscanney Dr., Ste. B2
Frederick, MD 21702