The Senior Information Security Analyst will implement and support Segal's Information Security Program. The role will interface with colleagues throughout the organization including the Technology and Security Services group within IT, as well as IT Applications. In addition, the Information Security Analyst will collaborate with, and serve as a resource and advisor to Segal's Data Security Committee and its members, and to Segal as a whole.
Responsibilities: - Support Segal's Access Management Program initiatives and evolution.
- Support Segal's Vendor Risk Management Program initiatives and evolution.
- Interface with clients as warrented to represent Segal's Information Security program and capabilities in correlation to client requirements.
- Coordinate and track Information Security related third party audits and assessments (e.g. SOC2, HIPAA Security Rule Compliance, penetration and vulnerability tests) including scope of audits, timelines, and outcomes.
- Generate and maintain Information Security reporting metrics including preparing metrics for presentation to senior company management.
- Support Segal's Data Loss Prevention (DLP) program including program evolution, event investigation, and metrics generation.
- Leverage auditing controls and processes to evaluate ongoing compliance with regulatory and client requirements which include but are not limited to: SOC2, NYSDFS, DOL Cybersecurity Guidelines, as well as Segal Information Security Policies and Procedures.
- Generate and maintain status reports and metrics on any required remediation efforts that result from Risk Assessments, Analysis, Vulnerability, and Penetration Assessments.
- Coordinate with Technology and Security Services and IT Applications management to ensure technical systems and controls are aligned with Segal and client information security goals and requirements.
- Contribute to the development, maintenance, and delivery of information security awareness content and programs.
- Create, develop and maintain comprehensive information security documentation, and policies and procedures to be leveraged in responding to client and auditor security inquiries, as well as for Segal marketing purposes.
- Provide project management for security related projects including but not limited to policies and procedures development, proposal language maintenance and audits.
- Serve as an integral part of the IT Computer Security Incident Response Team (CSIRT). Coordinate Incident Response procedures including but not limited to identification, fact gathering, and documentation.
- Monitor, investigate, interpret, correlate and evaluate Information Security alerts that are generated by Segal's various Security infrastructure components and services.
- Monitor IT security industry trends, issues, and emerging technologies. Advise, counsel, and educate IT management on their relative importance and impact.
Experience: The candidate will have 3-5 years of experience in Information Security, including recent experience with security programs (i.e. Data Access Management, Vendor Risk Management, Compliance, Data Loss Prevention, Vulnerability Management, metrics and reporting, policies and procedures, audits, governance, oversight, etc...) and technology (i.e. Intrusion Prevention Systems, e-mail and web filtering, identity and access management, Mobile Device Management, etc...). In-depth understanding of Information Security concepts. Knowledge of the security compliance requirements for HIPAA, SOC2, NYSDFS, etc.... Experience supporting related functions (such as IT audit, IT Risk Management, regulatory compliance). Experience with the development and implementation of enterprise security architectures and programs. A strong background in IT architecture and operations, with a solid understanding of security and auditing systems as well as networking protocols. Project management experience required. Strong communication, documentation, and presentation skills required. Bachelor's Degree in a related field or equivilant experience.
Diversity, Equity & Inclusion at Segal:
We recognize that individuals bring a broad range of experience, abilities and reward expectations that may fall outside the stated requirements of this job. If your overall experience and qualifications warrant consideration for this or other similar positions, we encourage you to apply. Diversity of employment, skills and life experience, combined with passion, are key to innovation and excellence. We encourage individuals, including but not limited to women, minorities, the disabled and protected veterans and those from all other backgrounds to apply to our positions. Please let us know if you require accommodation during the interview process and...thank you for considering Segal.
About Segal and its Total Rewards Program:
Segal is a privately owned, leading North American employee benefit, human resources and investment management consulting firm with over 80 years of history providing trusted advice that improves lives. Clients include public and private corporations, multiemployer trust funds, public sector entities, higher education institutions, institutional advisors, among many others.
Segal's total rewards are part of what makes us a special place to work. The current salary range for this position is $72,000 to $90,000 plus opportunity for a discretionary performance bonus based on company profitability and employee performance. In addition, Segal offers a comprehensive suite of benefits to include a non-contributory defined benefit pension plan, matching and discretionary contributions to a 401(k) profit sharing plan, medical and prescription benefits including contributions to a health savings account for eligible employees, dental benefits, life insurance, disability insurance, an Employee Assistance Program, wellness benefit reimbursements and rewards, and professional credential and tuition reimbursement. Segal also provides comprehensive paid time off including holidays, vacation days, sick leave, paid family leave and sabbaticals.
Please Apply...
Segal is the right size, the right organization and...the right move for you! Please apply now.
#hybrid
