Senior Information Security Analyst Full-time Job

The Senior SOC Analyst will be responsible to provide information security risk support to enable our business to make smart, risk-based decisions on technology and business investments that have a successful impact on that information security posture. This role will be important to deliver risk management support and advisory across the organization reporting directly to the Sr. Manager of Cybersecurity.

 

How You'll Help:

• Develop and maintain repeatable and effective security incident response and/or threat management and/or network security management processes.
• Establish consistent security incident response and/or threat management and/or network security management practices and measures within each participating department (build, document, train, manage deployment, etc.).
• Lead and mentor Day & Ross IT and business stakeholders on security practices, specifically effective security incident response and/or threat management and/or network security management processes.
• Lead the program to ensure the scope of change management governs security incident response and/or threat management and/or network security management processes as defined in standard operating procedures.
• Ensure security incident response and/or threat management and/or network security management documentation is in line with the actual policies and procedures. 
• Manage audit of change management, ensure necessary reporting and work with auditors to ensure audit compliance.
• Lead or support (as required) the deployment delivery on projects/systems of low to high complexity.
• Actively engages the external service providers that deliver the outsourced services to ensure maximum adherence to agreed service metrics, while aiming for improvement of service and staff performance, end-user satisfaction and collaboration among service providers.
• Develop and maintain repeatable and effective security incident response and/or threat management and/or network security management processes.
• Establish consistent security incident response and/or threat management and/or network security management practices and measures within each participating department (build, document, train, manage deployment, etc.).
• Lead and mentor Day & Ross IT and business stakeholders on security practices, specifically effective security incident response and/or threat management and/or network security management processes.
• Lead the program to ensure the scope of change management governs security incident response and/or threat management and/or network security management processes as defined in standard operating procedures.
• Ensure security incident response and/or threat management and/or network security management documentation is in line with the actual policies and procedures. 
• Manage audit of change management, ensure necessary reporting and work with auditors to ensure audit compliance.
• Lead or support (as required) the deployment delivery on projects/systems of low to high complexity.
• Actively engages the external service providers that deliver the outsourced services to ensure maximum adherence to agreed service metrics, while aiming for improvement of service and staff performance, end-user satisfaction and collaboration among service providers.

 

Your Skills & Experience:

• University degree (computer sciences and/or engineering) highly desirable.
• Must have a current CISSP or related advanced IT security certification.   
• A broad knowledge of information security principles, and industry standards such as NIST, ISO 27002 and SANS-20. 
• Will have minimum least eight years of IT work experience related to the service operations function in an environment similar in size and complexity.
• Demonstrable and recent experience in leading Security Operations activities
• Functional knowledge of common security certifications (i.e. ISO 27001, SOC1, and SOC2) and ability to glean significance from findings identified in these reports
• Demonstrate knowledge with information security principles, and industry standards. Significant understanding of FAIR quantitative risk analysis, NIST, ISO/IEC series of standards, SANS-20 and COBIT 
• Demonstrated experience in leading complex information Security design and deployment gained through 5-8 years of progressively more responsible work.
• Knowledge of board range of security management tools inclusive of SIEM, network and vulnerability testing tools.
• Broad knowledge across all areas of the Technology Architecture domain including Data Center, Data Storage Technologies, Virtualization, server platforms (Unix/Linux, Windows, AS400), Desktop, mobility solutions, monitoring/management, data protection, high availability/clustering, network (WAN/LAN/WLAN etc.), Security (Firewall, IDS/IPS, VPN etc.), etc.
• Understanding of Information Security Technologies deployed (QRadar, Tenable, Microsoft Security, Cisco Security, zScaler)
• Previous service deployment/delivery/service management experience
• Experience presenting and explaining design and information security concepts to non-technical users.
• Excellent written and verbal communication skills, including the ability to effectively communicate security- and IT risk-related concepts to technical and non-technical audiences.
• Able to successfully prioritize and manage to completion multiple tasks and deliverables.
• Excellent written and verbal communication skills, with experience presenting and explaining complex design, information security concepts and IT risk-related concepts to technical and non-technical audiences. 
• Able to successfully prioritize and manage to completion multiple complex tasks and deliverables.
• Act as security risk “ambassador” to both internal and external customers. Provide guidance and leadership to other risk management team members. Aptitude to understand business needs and deliver high-quality, prompt, and efficient service.

From a single truckload of potatoes in the 1950s to a fleet of thousands, Day & Ross has grown to become one of the largest transportation and logistics providers in North America. With over 7,500 team members on and off the road in the US and Canada, we offer a diversified portfolio of freight and delivery solutions, including LTL, Truckload, Residential, Dedicated Fleet Solutions, and Logistics.