Information Security Analyst

Accesso - Lake Mary, FL - Position Overview: We are seeking an Information Security Analyst to support our IT Security compliance requirements and company risk tolerance. They will ensures that adequate and effective security processes and controls are followed and aligned to deliver compliance with security policy and regulatory requirements. The Information Security Analyst Analyst serves as a key point of contact and technical expert supporting the accesso® security compliance program, establishing appropriate assessments, managing and tracking risk mitigation and remediation activities, and communicating compliance program results to Senior Management. The Information Security Analyst works across the enterprise with individuals in multiple organizational units, bringing them together to manifest controls that reflect workable compromises as well as proactive responses to issues. Additionally, the Information Security Analyst supports the development and implementation of a company-wide security awareness and education program. Reports To: Director, Information Security & Compliance Location: Lake Mary, Florida, USA ***Please note in light of COVID-19, all of our employees globally are telecommuting until further notice.*** Travel: None Responsibilities Include: Acts as a central point of contact and technical expert for IT security compliance processes, collaborating across the enterprise with multiple business partners Manage Governance, Risk and Compliance (GRC) solution Collaboratively works to influence and socialize Information Security controls, standards, policies, procedures, and communications. Performs periodic risk assessments that identify current and future internal and external information security vulnerabilities, provides necessary information to derive decisions about risk acceptance and risk mitigation, and identifies strategies to reduce information security risks Coordinates the development, management approval, and communication of IT security risks across the organization. Communicates across the enterprise by developing and disseminating action plans, schedules, status reports and other communications related to information security, including communications intended to track and improve the status of information security issues (e.g., security vulnerabilities, risk-mitigating initiatives, policy compliance status, regulatory compliance status) Supports the accesso security program, ensuring the identification, tracking, prioritization, and remediation of all internal/external compliance requirements Ensures adequate and effective IT controls exist to meet current and future security compliance requirements found in local, state, federal and international laws and regulations (e.g., SOX, PCI, GDPR) Coordinates selected tests of information security measures, including targeted penetration attacks and other configurable and administrative controls reviews Designs and engineers internal information handling processes so that information is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability Develop and manage the IT risk management program including identification, tracking and reporting of enterprise risk(s) to management. Acts as member of the accesso Incident Response Team Manages special projects related to information security that may be needed to appropriately respond to ad-hoc or unexpected information security compliance events Coordinates the information security compliance efforts of all internal and outsourced functions that have one or more information security-related responsibilities, to ensure that organization-wide information security compliance efforts are consistent Understands the fundamental business activities performed by accesso, and based on this understanding, suggests appropriate information security solutions that adequately protect these activities Assists with the implementation of company-wide security awareness and education programs that are aligned with security policy, standards, regulatory requirements, and industry practices Work with departments and vendors to ensure accesso Information Security requirements are incorporated into the rollout of new systems Aligns individual goals to Information Security and Technology team goals with S.M.A.R.T. objectives Qualifications: Minimum of 3+ years' of experience in an IT role focusing on information security or IT compliance. Experience drafting and communicating security policies and standards Experience in handling and resolving incidents of IT security breaches Experience developing security programs (e.g., IT Risk Assessment, Compliance, Vulnerability Management, Vendor Security) Experience leading internal assessments (e.g.; PCI-DSS, SOC1/SOC2, GDPR, CCPA) Bachelor's degree in Computer Science, Information Technology, or a relevant field CISA, CRISC or CISM technical certifications strongly preferred Perks & Benefits: Competitive compensation package including discretionary annual bonus opportunity. 4-weeks of Paid Time Off for employees up to 3-years of tenure (higher accrual thereafter); 8-hours of paid Volunteer Time Off to give back to organizations and groups you feel most passionately about; 2-weeks of paid Parental Leave so you can bond with your child(ren) following a birth, adoption, or foster care placement; Inclusive Family Benefits - access to end-to-end support for maternity, surrogacy, adoption, and fertility, with a $5,000 benefit toward surrogacy, adoption, and fertility; Three different medical insurance plans to choose from, including an employer-contributed HSA; Employer-paid short & long-term disability and life insurance; Matching 401K; Unlimited access to Udemy for Business for continued learning and career development; A flexible work schedule around our core business hours. WORKING AT accesso: accesso is taking precautions to protect the health and wellness of our employees around the world during the current pandemic, including but not limited to the temporary suspension of business travel and the implementation of remote work. Albert Einstein said, “In the midst of difficulty lies opportunity.” At accesso, this time of uncertainty has created opportunities for us to strengthen our partnerships as we continue innovating on future technology needs in a post-COVID world; to grow as a company as we identify areas for improvement in business processes and practices; and to focus on our wellbeing as we learn to navigate a new circumstance while staying meaningfully connected with our individual selves, families and teams. When we are in the office, we have FUN! From our bright, open spaces, foosball and ping-pong tables, caffeine and snack-filled cafes, we've created office environments all over the world that nurture our team members' creativity and fosters our company's core values: Passion, Teamwork, Commitment, Integrity, and Innovation. These values are celebrated globally, by region, and by team through a multitude of recognition programs such as iValue, Rockstar, and Legends Awards. We are empowered to do our jobs and then are recognized and rewarded for doing it well. Our teams work really hard, encourage and motivate one another, and love to celebrate personal and professional accomplishments as a family. This creates an atmosphere where people are eager to solve problems together and want to continuously do better for not only themselves, but for their teams and peers. We are an Equal Opportunity Employer and believe in the power of inclusivity. We are committed to creating a diverse environment for our employees to celebrate one another's unique qualities. Any hiring decision made is assessed on the basis of qualifications, merit, and business need. We are an Equal Opportunity Employer and believe in the power of inclusivity. We are committed to creating a diverse environment for our employees to celebrate one another's unique qualities. Any hiring decision made is assessed on the basis of qualifications, merit, and business need. Read more about at accesso. ABOUT accesso: At accesso, we understand that technology is a critical component to our client's success and the happiness of their guests. No business should have to settle for technology that creates more issues than it solves! Technology should be the solution, not the problem. Our clients need powerful technology solutions to grow their businesses and create connected guest experiences - and accesso delivers! That's why over 1,000 venues in 30 countries have chosen to partner with us.​ ​​ The status quo is not an option. If you're not moving forward, you're falling behind. With our accesso solutions, venues can empower their staff with the control, data and confidence to make informed decisions that will drive revenue, create operational efficiencies and improve guest experiences.... - Permanent - Full-time

source http://jobviewtrack.com/en-in/job-1f1c41644302001c4a15540a070f4e340043011a0007530b7c434c08161d5376690d0e0e1c0a04541d070753794e5e585f0d1b17252745001d1307131c003506081f5358492f640a090155194117010e0047244e150410005e296e484e111d07530d215a58525a/62f5e4ed3f785bc3f41c8ff548e02aee.html?affid=f584d43114bf1954a48e3ec6be21b6ec