IT Security Analyst IV
This job is no longer active.
View similar jobs.
POST DATE 8/18/2016
END DATE 10/20/2016
Black Knight Financial Services
JOB DESCRIPTIONBlack Knight is the premier provider of integrated technology, services, data and analytics that lenders and servicers look to first to help successfully manage the entire loan life cycle. Our deep understanding of regulatory and compliance issues complements the knowledge, technology and solutions we offer to help our clients achieve their business goals. Black Knight offers leading software systems, data and analytics offerings, and information solutions that facilitate and automate many of the business processes across the mortgage life cycle.
JOB FAMILY DESCRIPTION
Administers an information systems program to validate security policies and regulatory requirements are met across the business, ensuring the company and its systems are protected from domestic or international security threats. Evaluates security controls to ensure effectiveness and compliance with the information security program and regulatory requirements, manages security control remediation efforts, and supports internal and external information security related audits. Uses information security tools and procedures to respond to inquiries. Recommends security solutions, advises on systems and application-level security configurations, and investigates/mitigates security risks as required.
GENERAL DUTIES & RESPONSIBILITIES
* Provide operational and project support for all security tools including but not limited to: Security Information Event Monitoring (SIEM), Intrusion Detection Systems (IDS), Database Activity Monitoring (DAM), Data Loss Prevention (DLP), Privileged Access Management (PAM), Identity Management (IDM), Hardware Security Module (HSM), Transparent Database Encryption (TDE), Enterprise Key and Certificate Manage (EKCM), File Encryption, and/or API Encryption.
Serve as the subject matter expert (SME) in relation to installation, configuration, and troubleshooting of security tools.
Provide rotating on-call support for security tools to include nights and weekends.
Develops and manages security for business units across the enterprise to prevent hackers from compromising company systems and information.
Develops and implements security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures, and use of firewalls and encryption routines).
Prepares status reports on security matters to develop security risk analysis scenarios and response procedures.
Responsible for the tracking and monitoring of software viruses.
Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports, investigates possible security exceptions, and updates, maintains, and documents security controls.
Maintains the companys firewall and ensures utilization of encryption methods.
Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness.
Provides direct support to the business and IT staff for security-related issues.
Educates IT and the business about security policies and consults on security issues regarding user built/managed systems.
Represents the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues.
Performs other related duties as assigned.
Bachelors Degree in Computer Science, Information Systems or the equivalent combination of education, training, or work experience.
GENERAL KNOWLEDGE, SKILLS & ABILITIES
* One or more of the following certifications required: CISSP, CEH, CISM, GSEC
Experience supporting one or more of the following types of security applications or tools: Security Information Event Monitoring (SIEM), Intrusion Detection Systems (IDS), Database Activity Monitoring (DAM), Data Loss Prevention (DLP), Privileged Access Management (PAM), Identity Management (IDM), Hardware Security Module (HSM), Transparent Database Encryption (TDE), Enterprise Key and Certificate Manage (EKCM), File Encryption, and/or API Encryption
Experience working with QRadar, Guardium, Websense, Splunk, SafeNet, Venafi, Protegrity, SailPoint, Secret Server, or an industry equivalents is a plus
Working knowledge of Linux, Windows, and Network Operating Systems.
Experience writing scripts to automate tasks using common scripting languages (PowerShell, Bash, Python, Perl, etc.)
Experience working with XML, JSON, and/or Regular Expressions
Knowledge of infrastructure, key processes, and technology-oriented risk issues, specifically around security and privacy
Knowledge of BKFS business environment and the ability to evaluate information security risk implications
Knowledge of relevant legal and regulatory requirements * Knowledge of common information security management frameworks
* Experience working with a diverse range of data sources/streams and managing these effectively
* Excellent analytical, decision-making and problem-solving skills
* Ability to develop partnership-oriented relationships with business executives and functional leaders, especially as it relates to operations and technology
* Strong background in security operations, processes, solutions and technologies
* Strong understanding of policy, compliance, and best practice security principles
* Experience with enterprise risk assessment methodologies
* Must be able to multitask in a fast-paced environment with focus on timeliness, documentation, and communications with peers and business users alike.
* Proficiency in project management
* Ability to communicate well both verbally and in writing to technical and non-technical audiences of various levels within BKFS or outside the organization (executives, regulators, clients, etc.)
* Results oriented, business focused, and successful at interfacing across multiple organizational units
JOB FAMILY LEVEL
Expert professional role. Performs work that is highly complex and varied in nature. Develops integrated solutions to resolve highly complex technical and business issues. Recognized security expert internally and externally within multiple IT functional areas. Often provides strategic direction, guidance and integration of services. May lead multiple IT security projects or participate as a team member. Works on small to large, highly complex security issues or projects that require expertise in multiple IT functional areas. Requires expertise of security issues, techniques and implications across all existing computer platforms. May manage or serve as a project leader for IT security projects or the security components of multi-discipline projects. Must have extensive knowledge in networking, databases, systems and/or Web operations. May coach and guide more junior staff. Typically requires eight (8) or more years of combined IT and security work experience with an extensive exposure to systems analysis, applications development, and database design and administration and at least five (5) or more years of experience in a lower-level IT Security Analyst role. CISSP or equivalent professional certification is required (CISM, GSEC, etc.).
Black Knight Financial Services is an AA/Equal Opportunity Employer