at HH Associates US Inc. in Chicago, Illinois, United States
Job Description
Purpose of Role
HH Global has a requirement for an Information Security Analyst to help us ensure that our information security policies, procedures, standards and threat defenses are reviewed, maintained and continuously improved to provide an information security management system of excellence.
The individual will assist us with threat discovery and analysis and ensure we continue to be compliant with ISO27001:2022.
You will be responsible for supporting the overall enhancement and assurance of Information Security. The role includes developing, maintaining, enforcing Information security standards and procedures in line with ISO27001:2022 ISMS and SOC 2 Type II standards, industry best practice and stakeholder requirements; the provision of expert advice to projects within HH Global including evaluating, reviewing, recommending and setting baselines for new security technologies for use within the business.
This role includes a collective oversight of IT Security Governance, risk management, compliance and assurance including the technical and organizational controls assuring the confidentiality, integrity and availability of information assets. The Information Security Analyst is also responsible for providing expert guidance and techniques and presenting efficient and pragmatic change recommendations to stakeholders enabling them to own and manage their information security requirements and controls to change or improve our ISMS.
You will be required to implement security controls and work alongside the IT engineers and Security Operations Center to enhance the infrastructure and improve practices where possible.
The successful candidate is expected to have experience within an IT technical background to allow a good understanding on how to improve and maintain security posture from a security and technical perspective.
This position will be based remotely.
Key Responsibilities
Review and risk assess information security reports and dashboards to identify threats, vulnerabilities and opportunities for improvement regarding information security threat defenses.
Assess, investigate and support security incidents and vulnerabilities.
Support and collaborate with our Security Operations Center to respond to incidents and requests, and to improve our organizational security posture.
Review, manage and implement security controls to cloud technologies.
Support, control and evaluate IT Security operations.
Organization and management of penetration tests and vulnerability management reports.
Implement controls, policies and recommendations of security findings to improve the organization security posture.
Assist in the development of plans to safeguard information security assets against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
Assisting in the development, recommendation and implementation of Information Security framework for HH Global, in line with IS027000 series principals and good practice disciplines, including overarching policies, procedures, guidelines, awareness and training plans, security monitoring processes, privacy regulations and overall security infrastructure recommendations.
To work collaboratively or independently as part of the Information Security and Risk team to ensure the design, delivery, implementation and operational testing of agreed security strategies meet the business needs.
Assess Information Security controls to ensure they meet the legislative and regulatory compliance and propose remedial actions surrounding identified deficiencies.
Monitoring security compliance through ongoing security control reviews and risk assessments, change management reviews and working closely with the ISR team to advise on Information Security issues that require support and closure.
Assisting with the development of policies based on audit findings;
Assisting with risk assessments;
Assisting with the review, approval and implementation of IT changes with security conscious principles applied.
Assisting with the support and ongoing maintenance of the ISO27001:2022 ISMS
Contribution to Information Security strategy, overseen by the Global Head of Information Security and Risk.
Knowledge, Skills + Experience
Must be legally authorized to work in the country where this vacancy is listed, without the need for current or future sponsorship from HH Global
Excellent attention to detail, analytical skills and an ability to analyze complex technical information to identify patterns and trends.
An ability to work under pressure,... For full info follow application link.
Equal Employment Opportunity Employer: HH Global is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.
