Information Security Analyst, Sr. or Lead -- Remote

When it comes to making a meaningful difference in the lives of our customers and employees, USAble Life is always ready. We are a diverse group of individuals working together to go the extra mile. Through our DEI initiatives, employees feel empowered to bring their talents and voice to our culture.

Our passion for delivering the best products is matched only by our passion for our people. We are committed to making a meaningful difference in the lives of others which extends beyond our office walls. USAble Life has a long tradition of supporting our communities, and we're proud of the fact that our employees share that commitment.

We have been recognized as a "Best Places to Work" in Arkansas, Florida, and Hawaii. You'll be rewarded with opportunities for personal and professional development and opportunities for advancement. This, coupled with our engaging culture and a comprehensive benefits package, ensures we are committed to our employees.

Check out how we make a meaningful difference in the lives of others!

https://player.vimeo.com/video/518665804

What We Offer You:

• A culture that values employees and celebrates, empowers, and inspires a diverse workforce
• Outstanding and affordable benefits package
• PTO provided at date of hire
• 11 paid holidays
• 401(k) with up to 6% match; fully vested from day 1
• Remote opportunities with company-provided equipment
• Team-oriented, collaborative group of peers
• Career advancement opportunities
• Tuition Reimbursement
• Employee Assistance Program
• Inclusion Council and Employee Resource Groups
• Recharge Days and Volunteer Time Off
• This position is remote, though candidates located near the Jacksonville or Litte Rock offices are preferred

Life Takes You Places! Are you ready to join us?

The base salary range for a Sr. Information Security Analyst is $82,000 to $148,000. The base salary range for a Lead Information Security Analyst is $94,000 to $170,000. Actual salaries will vary by geographic location and are based on factors such as candidate's qualifications, experience, skills, competencies, and company tenure & equity. In addition to base compensation, this role is eligible for a annual incentive plan based on company performance and individual performance.

This is a multi-level position with increasing levels of responsibility and requirements for each level.

Sr Information Security Analyst Overview

The Sr Information Security Analyst (Sr ISA) supports the Manager of Information Security. This position is responsible for providing guidance to ensure the design of business solutions meets security and compliance mandates. The Sr ISA partners with stakeholders across the organization to securely achieve the functional requirements of business initiatives. The Sr ISA acts with vision in identification and assessment of emerging information security trends and alignment to existing architectures for the betterment of the overall organization. This position assists in information security functions such as including security configuration, continuous monitoring of centralized information management systems, investigation and response to security incidents, vulnerability management, and the administration of global security management systems. The position will also provide support for security-based control frameworks. The incumbent will be heavily involved in cross-functional projects to positively impact the Company or customers.

Lead Information Security Analyst Overview

The Lead Information Security Analyst (Lead ISA) supports the Manager of Information Security. This position is responsible for providing guidance to ensure the design of business solutions meets security and compliance mandates. The Lead ISA partners with stakeholders across the organization to securely achieve the functional requirements of business initiatives. The Lead ISA acts with vision in identification and assessment of emerging information security trends and alignment to existing architectures for the betterment of the overall organization. This position assists in information security functions such as: security configuration, continuous monitoring of centralized information management systems, investigation and response to security incidents, vulnerability management, and the administration of global security management systems. The position will also provide support for security-based control frameworks. The incumbent will be heavily involved in cross-functional projects to positively impact the Company or customers, modeling the Values and inclusiveness of all employees.

Sr. Information Security Analyst Essential Duties:

• Analyzes security logs and related security events through a SIEM tool
• Performs vulnerability scans and penetration tests; develops and maintains scripts, routines and software to perform vulnerability threat assessments
• Participates as a member of the security incident response team; evaluates security incidents, develops solutions and communicates results to management; manages a computer crime or incident scene, including recognition of the proper investigative approach, conducting a field of search to establish probable cause for seizure, proper collection methods, evidence preservation, transportation, computer forensic analysis, and case management; uses various security tools and prepares reports on findings.
• Reviews vulnerabilities and makes recommendations to management
• Assist in the comprehensive risk assessments of third-party vendors to identify potential security vulnerabilities and make recommendations to management
• Evaluates security aspects of system changes (e.g. wireless, mobile)
• Maintains and monitors the Company's security subsystems
• Provides guidance to more junior security staff
  Assists in the development, implementation, and maintenance of security policies and procedures
• Serves as the information security subject-matter expert; provides advisory and consulting services as needed
• Remains informed on current and emerging trends, threats and issues in the security industry to provide technical guidance and minimize threats and risks to the enterprise
• With this knowledge, maintains the enterprise's security awareness training program
• Works closely with the Manager of Information Security and the IT infrastructure and operations teams
• Reviews existing architecture, identifies design gaps, and recommends security enhancements
• Participates in solution architecture design; leads security efforts assisting with the integration and initial implementation of solutions
• Monitors and ensures security controls effectiveness including adding and removing users, systems patching, firewall changes, and protects Company information and assets
• Performs other related duties and responsibilities as assigned

Lead Information Security Analyst Essential Duties:

• Acts as first line of escalation and issue resolution
• Assists team members in understanding processes and critical thinking around tasks
• Monitors processes and tasks

Sr. Information Security Analyst Required Knowledge, Skills, and Abilities:

• Must be capable of communicating to various levels of the organization about security items as well as externally to suppliers and Partners
• Must be able to establish credibility as a business partner respected by client-base with proven ability to gain buy in from teams
• Must be organized, intuitive and a collaborative problem-solver with the ability to be effective in a dynamic and fast-paced environment
• Financial acumen and analytical ability to identify and assess exposure to loss, and to examine alternative risk control techniques
• Ability to build trust and instill self-confidence through mutual respect and ongoing communication
• Capable of handling multiple and complex situations

Lead Information Security Analyst Required Knowledge, Skills, and Abilities:

• Must be a strategic thinker capable of communicating to all levels of the organization about security items as well as externally to suppliers and Partners
• Must be able to establish credibility as a business partner respected by client-base with proven ability to gain buy in from teams
• A self-starter who is organized, intuitive and a collaborative problem-solver with the ability to be effective in a dynamic and fast-paced environment
• Strong financial acumen and analytical ability to identify and assess exposure to loss, and to examine alternative risk control techniques
• Ability to build trust and instill self-confidence through mutual respect and ongoing communication
• Capable of handling multiple and complex situations

Sr. Information Security Analyst Required Education and Experience:

• Bachelor's degree in Information or Cyber Security, Telecommunications, Engineering, Computer Science, Management Information Systems or a related field (equivalent military or work experience can be considered in lieu of formal education)
• 5+ years of progressively responsible professional experience in information security
• 5+ years of IT experience
• CISSP or equivalent certification in good standing; any applicant working on their certification will meet this requirement as long as certification is obtained within 1 year of hire date
• Experience with COBIT, NIST, or ISO frameworks
• Project management experience
• Experience documenting and maintaining configuration and process information
• Experience and a strong knowledge base of information security systems including:
• SIEM solutions
• Vulnerability management solutions
• Antivirus solutions
• Multi-Factor Authentication and SSO solutions

Lead Information Security Analyst Required Education and Experience:

• Bachelor's degree in Information or Cyber Security, Telecommunications, Engineering, Computer Science, Management Information Systems, or a related field (equivalent military or work experience can be considered in lieu of formal education)
• 8+ years of progressively responsible professional experience in information security
• 10 years of IT experience
• CISSP or equivalent certification in good standing; any applicant working on their certification will meet this requirement as long as certification is obtained within 1 year of hire date
• Experience with COBIT, NIST, or ISO frameworks
• Project management experience
• Experience documenting and maintaining configuration and process information
• Experience and a strong knowledge base of solutions, trends, and information security systems including: SIEM solutions, Vulnerability management solutions, Antivirus solutions, Multi-Factor Authentication and SSO solutions

Sr. and Lead Information Security Analyst Preferred Education and Experience:

• Additional certifications like CCIE, CCNP, CCSP, CISM, CRISC, CEH or SANS
• Understanding of HIPAA/HITECH environments
• Blue Cross Blue Shield or other health and/or life insurance company experience
• Experience with Department of Insurance audits
• Knowledge of the insurance industry regulatory landscape
• Analysis and remediation on Microsoft Windows platforms
• Cloud Platform experience with major vendors (Azure and AWS), including PaaS, Saas, IaaS
• Knowledge of the following concepts; Firewalls, VPN, IPS, building security systems (cameras, doors, badge scanners), Endpoint protection, Mobile Device Management (MDM), Web proxy and traffic monitoring

Working Conditions (Physical Demands):

• Office Environment, with the rare need to service outdoor security equipment.
• Travel requirements: 10%

#USAL1