Client - Major Financial Firm
Role - Information Security Analyst
Rate - $59.26/HR on W2 (OT past 40 hours = $88.89/HR)
Duration - 9 Months (possible extension)
Location - O'Fallon, MO
Description
The Third Party Information Security Assessment (TPISA) process ensures that the information security (IS) practices and controls of Client's third parties are assessed for compliance with Client's IS requirements. This position is with the TPISA program which is responsible for Client's established Third Party Information Security Assessment (TPISA) process and framework. The following are major responsibilities of the position:
• Review and update third-party assessment questionnaires (TPAQ).
• Create a database to flexibly manage a growing pool of security controls and questions for TPAQs.
• Create tools in MS Excel that may use macros to help organize TPAQ gaps. Create TPAQ templates in Excel.
• Rapidly learn the end-to-end TPISA process and answer emails with questions about the process.
• Write supporting documentation for procedures to carry out TPISAs, to be used by various stakeholders.
• Research Client policies, guidance, and standards as well as industry and regulatory best practices and update TPAQs, TPISA guidance and the TPISA process to meet these requirements.
• Create TPAQs that are customized for specific services provided by third parties.
• Work with global TPISA utilities to create country and region-specific TPAQs.
• Coordinate the translation of TPAQs into the various languages required for regional TPAQs.
• Participate in periodic meetings with representatives from Client business sectors and regions to discuss proposed changes in TPISA processes, TPAQs, and supporting documentation and attain approval for such changes.
• Design new approaches to improve efficiency and effectiveness of TPISAs.
Qualifications
The successful candidate will have the following proven skills and experience:
• Bachelor's Degree or higher with concentrations in IT, Information Security or related areas.
• Industry certifications such as CISSP, CISA or CISM.
• Excellent, proven writing skills. Hands in polished products that have been well proofread.
• Strong MS Access and Excel skills and experience.
• Experience as an IT Auditor, Assessor, or Information Security Officer.
• Demonstrated in-depth knowledge of concepts, best practices and controls in a breadth of information security domains. These information security areas include governance & risk management, access control, cryptography, physical security, security architecture and design, business continuity/disaster recovery planning, network security, application & operations security and compliance/incident management.
• Hands-on experience with a wide variety of technologies is a plus. Technologies include server infrastructure & operating systems, network & web infrastructures, database architecture and intrusion detection/prevention systems.
• Self-starter with the ability to manage and prioritize responsibilities through the effective use of time management techniques.
• Team player with proven skills in influencing people without having direct management authority and motivating them to successfully complete tasks within required timelines.
• Strong ability to interact and communicate, both in writing and verbally, with people at all levels, both technical and non-technical, in a dynamic environment where interactions are not always in person.
• Strong risk analysis and problem-solving skills.
Last updated on Mar 12, 2018