LEAD INFORMATION SECURITY ANALYST
Under general direction, responsible for the development and implementation of information security procedures and technology required to protect company information assets and resources. Provides project management-level guidance and acts as liaison between other organizational units for security-related projects.
Essential Duties and Responsibilities:
- Performs/oversees periodic risks assessments to identify current/future security vulnerabilities, determines the acceptable level of risk, and prepares recommendations to reduce information security risks to an acceptable level.
- Analyzes data and prepares statistical exception reports.
- Periodically initiates quality measurement studies to determine if the information security functions operate in a consistent manner with standard industry practices.
- Develops action plans, schedules, budgets, status reports, etc. to improve the status of the information security function.
- Provides technical guidance regarding risks and control measures associated with new and emerging technology.
- Prepares and periodically updates information security policies, architectures, standards, and/or other technical documents to ensure all resources are adequately protected.
- Interprets information security policies, standards, and other requirements as they relate to internal information systems.
- Assists in the selection, installation, and adoption of automated tools that enforce or monitor the compliance of information security policies, procedures, standards, and other information security requirements.
- Recommends new approaches that allow greater standardization and more effective management of information security measures.
- Ensures adequate audit trails exist for the detection, investigation, correction, and/or disciplinary action related to information security breaches, violations, and other incidents.
- Participates as a technical advisor for a variety of ad-hoc information security projects as dictated by business and technology developments.
- Coordinates information security efforts for internal groups that have security-related responsibilities.
- Investigates methods to implement information security-related technologies to achieve the goals found in the Strategic Plan.
- Completes specific aspect of projects.
- Maintains expertise of current security issues, trends, and technologies by attending conferences, professional association meetings, and technical symposiums.
- Mentors departmental associates to assure that the highest level of security is achieved.
- May assume managerial responsibilities of departmental staff in the absence of Manager, Information Security.
- Performs a variety of other duties as assigned.
Education, License or Certification:
- Bachelor’s degree in Computer Science or Programming or equivalent experience.
- 10-12 years’ experience in the support development and implementation of security or security concepts and risk analysis
- Job Function Exempt
- Pay Type Salary
- St. Louis, MO, USA