Assist in Completing Client-Issued Information Security Assessments and Tracking Remediation

Keane
*Position Title: / Junior Information Security Analyst
*Position Type: / Full-Time
*Compensation: / Salaried
*Start Date: / ASAP
*Location: / King of Prussia, PA
*Job Requirements
*Job Description / The Junior Information Security Analyst reports to the Corporate Information Security Manager and is responsible for conducting internal IT, information security and operational assessments of various systems, applications and business processes to verify compliance with prescribed policies and procedures and identify risks. The Junior Information Security Analyst assists with recurring security and compliance monitoring tasks, including access reviews, log reviews, vulnerability scans and penetration tests, client-issued information security assessments, vendor management assessments, and tracking of remediation items. Additionally, the Junior Information Security Analyst prepares and presents audit reports and recommendations to improve and promote effective internal controls and operational efficiency, and provides council and advice to management regarding audit findings, recommendations and appropriate corrective measures.
The ideal candidate has experience in an IT or information security audit capacity and must possess strong attention to detail, be self-motivated, and have solid written and oral communication skills.
* Skills & Qualifications: / Duties: Include, but are not limited to the following:

• Perform recurring security and compliance monitoring tasks, including but not limited to: access reviews, log reviews, vulnerability scans and penetration tests.
• Plan and conduct internal audits to assess IT and security controls, operational efficiencies, and compliance with selected policies and procedures. Report audit findings and make recommendations to key stakeholders to communicate results and effect change when necessary.
• Assist in the development, deployment, annual review and communication of company policies, procedures and standards.
• Assist in completing client-issued information security assessments and tracking remediation items.
• Conduct vendor management assessments, present results to senior management, and track remediation items.
• Assist in coordinating the annual SSAE 16 audit process.
• Assist in annual business continuity and disaster recovery activities, including risk assessment, business impact analysis, business continuity plan, and business continuity testing.
• Participate in a team environment and build strong working relationships.
• Keep abreast of current and emerging technologies and recommend changes to audit programs and monitoring tasks as necessary.

Qualifications:

• 1-4 years of work experience in an internal or third-party IT or information security audit capacity.
• Ability to effectively communicate with HR, IT, business managers, senior management, and executives.
• Candidate will understand the role of security controls, audit controls and risk treatment plans, and will have a general understanding of privacy and information security laws, regulations and standards: GLBA, SOX, HIPAA, FISMA, CA and MA state laws, etc.
• Knowledge of industry security standards and frameworks, including: ISO 27001/2, COBIT, NIST, etc.
• Knowledge of risk management concepts, tools, and techniques.
• Knowledge of system hardening practices and audit techniques for assessing the security of common operation systems, databases and business applications.
• Knowledge of network and Internet security devices, protocols, and techniques.
• Demonstrated project management skills.
• Strong analytical skills to analyze IT and business processes and identify risk.
• Proficiency in Microsoft Office applications.
• Strong work ethic, excellent verbal and written communication skills.

• Self-starter, self-motivated, pro-active and able to handle concurrent activities.
• Excellent interpersonal skills and a positive attitude.

Education: / Bachelor’s Degree in Information Security, Computer Science, MIS or related field.
Certification(s): / Required: None
Desired: CISA, CISSP, etc.
Travel: / None
*Contact Information
Job Reference: / N/A
*Contact Name: / Nicole Griet – Human Resources
Email Address: /
Telephone: / 610-232-0700
Fax:
Website: /
Company Information: / Keane has been providing services to address the complexities of unclaimed property for more than 65 years. Keane provides a comprehensive array of business services to help companies achieve compliance with state unclaimed property laws and regulations, while identifying and mitigating the risks associated with non-compliance.
Special Instructions: / Please submit all applications through Nicole.

ISACA Philadelphia is not responsible for the content or accuracy of this job posting.

Template Version 1.1: 02/21/07

Page 1 of 2