Information Security Analyst

Posted: Monday, December 02, 2019
Location: New York

Department: Information Technology/Security
Reports to: Chief Information Security Officer
Direct report(s): No

General purpose of position

The goal of information security is to protect the confidentiality, integrity and availability of information assets. The information security team is responsible for defining and implementing security policy and standards and continuously monitoring for new threats. The Information Security Analyst is part of the information security team, reporting to the CISO, and contributes to all aspects of the information security program.

Primary duties/responsibilities

The responsibilities of the Information Security Analyst include:

•                     Defining and maintaining security policy and standards

•                     Performing risk assessments

•                     Performing security testing on applications and systems

•                     Evaluating security products and vendors

•                     Implementing and configuring security tools

•                     Monitoring for and responding to security incidents

•                     Managing vulnerabilities by researching new threats, performing scans and tracking remediation

•                     Providing user security training

Specific skills, competencies, resources and/or software/technology used on the job


·         Strong technical knowledge and hands-on working experience with enterprise technologies and security products including firewalls, security information and event management (SIEM), network access control (NAC), endpoint protection, multi-factor authentication, mobile device management (MDM), vulnerability scanners and email security.

·         Good understanding of information security standards and regulations applicable to insurance and financial service sectors.

·         Ability to communicate effectively and professionally, both verbally and in writing.


Education, certifications and/or experience requirements

  Degree in Cyber Security or other IT discipline.

·         5-6 years information security experience in insurance or financial services industry.

·         Certified Information Systems Security Professional (CISSP) or equivalent certification.

Apply for the position

Return to list