Skip to content
Careers

Senior Security Analyst

JR007753

The Senior Analyst of Security Compliance & Continuity will be part of a global function and help lead the organization’s information security audits, regulatory compliance, enterprise risk management, and data protection and privacy initiatives. This individual will work within the Global Compliance & Continuity function whose responsibility is to collaborate with internal and external stakeholders to implement and maintain appropriate controls to meet information privacy, security, regulatory and contractual requirements, and to manage enterprise risks at acceptable levels. The individual should be well-grounded technical controls to assure a secure and compliant enterprise. Key responsibilities include owning low to moderate complexity assignments and facilitating internal and external audits related but not limited to the following frameworks: PCI DSS, ISO 27001, ISO 22301, ISO 20000, ISO 9001, SOC 1 & 2 Type II, and data protection regulations. The individual will also assist in facilitating applicable third-party audits and evaluations of Ensono. This position is key to managing our organization’s deployment of controls and adherence to applicable requirements to manage risk. The fundamental objective is to provide reliable assurance to our stakeholders on Ensono’s due diligence in safeguarding the enterprise, and consistently delivering on its commitments.
The Senior Security Analyst position is an advance level security position with primary responsibilities for malware protection with opportunities to grow in additional areas of Information Security. Has specialized skills and experience needed for more complex issues/projects; requires little to no oversight; has solid understanding of organization, functional links, and some appreciated of the business environment.

Job Description

What you will do:

  • Facilitate the maintenance of technical and organizational controls across multiple technology platforms and diverse system environments within scope of our industry certifications and attestations (ISO, PCI DSS, SOC 1 & 2 [SSAE 18], SOx etc.)
  • Support ISO certificate maintenance activities (this includes ISO 27001, 22301, 20000, and 9001)
  • Perform periodic reviews of compliance with internal standards
  • Lead process improvement and automation initiatives
  • Support enterprise and third-party risk management, including conducting risk assessments, maintaining an enterprise risk register and the application of remedial actions
  • Facilitate internal and external audits and work directly with clients and their auditors
  • Participate in strategic planning and design of controls, and continuous improvement
  • Work with business units to understand and implement key controls and processes

What you will need:

  • At least eight (8) years of related experience
  • Knowledge of leading practices in information security and governance frameworks
  • Experience in performing audits, privacy and security risk assessments
  • Experience in working with auditors and facilitating audits
  • Willingness to learn
  • IT process knowledge in areas such as user access management, change control, incident management, networks, systems operations, security, compliance and risk management
  • Understanding of control concepts and processes, including but not limited to:
  • Secure development lifecycle, systems and application security
  • Cryptographic controls to safeguard data in transit and at rest
  • Identity and access management
  • Strong client relationship and interpersonal skills
  • Excellent written and verbal communication skills
  • 4-year Bachelor’s degree in computer science, information security, information technology or related fields (years of experience will be considered)
  • Preferred: maintains 1 or more professional certifications such as CISA, CISSP, CISM, CRISC, CGEIT, CIPP/T, QSA/ISA (or willingness to achieve certification within 12 months)
  • Honesty, curiosity, reliability, passion and collaboration – the foundation of Ensono’s culture

What will set you apart:

  • Willingness to learn new and complex subjects, and to execute related projects
  • Advanced degree in technology, information security or related fields. Experience in the Information Technology field may be considered in place of education in related fields
  • Technical background or training in IT business systems
  • Prior related consulting experience in cybersecurity, privacy and regulatory compliance
  • General knowledge of technology outsourcing methodologies, operations, cloud computing, regulatory and compliance frameworks
  • Willingness to undertake travel as needed, and based on direction from leadership

JR007753

Your journey with Ensono starts here.

Apply now

More career opportunities at Ensono

Explore additional openings with our team, and apply today.

Start your digital transformation today.