This site uses cookies. To find out more, see our Cookies Policy

Security Policies & Procedures Analyst in Alpharetta, GA at HUNTER Technical Resources

Date Posted: 6/8/2019

Job Snapshot

Job Description


Security Policies & Procedures Analyst

The position is responsible for developing and operating a formalized risk assessment audit and internal management review program to ensure compliance with existing cyber and physical security policies and procedures across the enterprise. The individual will use a variety of information security strategies to analyze, update, establish and implement policies, procedures, processes and standards that aim to protect the Company' s virtual and physical assets by mitigating cyber and physical security risks. It is imperative this individual stay abreast of new security processes, standards, and regulations while proactively seeking out alternatives to current policies and procedures in an effort to ensure regulatory compliance and facilitate continuous improvement.


Essential Functions and Responsibilities
  • Develops and leads security policies and procedures to protect Company' s assets, including physical land cybersecurity, ensuring accurate, consistent, and easy to understand content.
  • Ensure annual recertification is completed for internal policies, procedures, checklists, and training material.
  • Reviews and benchmarks security and information governance policy documentation.
  • Regularly revises and ensures security policies are current and up to date with industry standards.
  • Support policy and procedure-related requests stemming from Internal Audit findings, state examinations, and Corrective Action Plans.
  • Participates in due diligence exercises examining cyber and physical security policies and procedures of potential acquisitions.
  • Work with Procurement to review/audit vendor security practices are compliant with regulatory and Company' s standards.
  • Work with vendors when needed to modify security practices that are compliant with regulatory and Company' s standards.
  • Develops training programs on all security and information governance policies and determines the types of training that should be developed on critical policies, as well as, how often the training should be conducted.
  • Serve as a resource for policy research and analysis and provide reports to the Director of Security and Information Governance, IT management, and/or VP & CIO, as required.
  • Provides timely and relevant updates on security policies and notices from government agencies to appropriate stakeholders and decision makers.
  • Provides investigation findings to relevant business units to help improve information security posture.
  • Develops policies and procedures for analyzing compromised technical information.

Job Requirements
 
  • Bachelor’ s degree from an accredited college or university in Computer Science, Information Security, or a related field.
  • 7 + years of experience in cyber/physical security and information governance policy development and analysis

Preferred
  • Master’ s Degree in Computer Science, Information Security, Cybersecurity or a related field.
  • Proven experience with information controls.
  • Experience with the development of accurate and comprehensive reports and workflows/runbooks/checklists.
  • Demonstrated ability to develop a policy training plan and to provide training at all levels of management.