Information Security Analyst
With Solutran in Minneapolis MN USMore jobs from Solutran
Posted on November 07, 2019
About this job
Job type: Full-time
Role: System Administrator
security, sysadmin, web-services
Solutran is a leading FinTech company committed to creating game-changing, customer-friendly solutions. We serve health-seeking populations by partnering with the nation’s largest health plans, employers, retailers, and government programs. We’ve established a reputation for delivering modern, advanced customer experiences through best-in-class solutions used by millions.
Solutran is dedicated to promoting health, providing solutions for over-the-counter benefits, rewards, healthy food incentives and government programs supporting food insecure individuals. Learn more about our latest innovations at http://www.solutran.com.
The Information Security Analyst is responsible for the development, execution, and ongoing maintenance of a comprehensive information security management plan that will help to protect Solutran’s business activities, systems, and information both publicly and internally. This includes effective policies and procedures for ensuring reduction in risks and potential breaches as well as educating our business on required actions and adoption. Furthermore, this position will be responsible for embedding information security best practices as a continuation of Solutran’s culture. All of this includes overseeing the development of the information security technical architecture, as well as security standards, controls, procedures and guidelines for the computer platforms, applications and networks across the enterprise.
ESSENTIAL DUTIES & RESPONSIBILITIES
- Develop and monitor a strategic, comprehensive enterprise information security and risk management program (including strategy, policies, standards, processes, and guidelines) to ensure the integrity and confidentiality of information owned, controlled or processed by the organization.
- Lead third-party audits, including SOC 2, HITRUST, and other audits as requested by clients.
- Respond to IT Security Compliance questionnaires and other Security Compliance requests from clients.
- Implement and lead the strategy for managing and reporting security incidents and oversee investigations of reported security breaches.
- Review and approve security policies, controls, and security incident response planning.
- Create and maintain identity and access policies; oversee identity and access management.
- Proactively create, maintain and publish information security policies, standards and guidelines, and ensure their implementation into Solutran’s products.
- Ensure cyber security policies, procedures, and best practices are communicated across Solutran’s business functions and ensure compliance is enforced.
- Facilitate and conduct periodic audits and testing.
- Chair the internal Informational Security Committee.
- Partner with the Solutran management team to identify, manage, and minimize security risks, and provide relevant and timely reports that drive business decisions.
- Identify technical threat mitigation best practices in the software and financial services industries and implement as needed. Propose new technologies and adapt strategies to evolving threat information.
- Provide leadership and direction to a team responsible for enterprise information security policies and practices, coordinate incident response activities, complete cyber threat analysis & assessment, and maintain compliance to standards and regulatory requirements.
- Define and select necessary information risk and cyber security compliance tools, suppliers, and services.
An individual in this position must be able to successfully perform the essential duties and responsibilities listed above. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position.
- Bachelor’s degree in IT, Computer Science or related technology field is required.
- Minimum 3 years of experience in Information Security.
- Proven history of developing and managing cyber security policies and procedures for Financial Services, SaaS, Cloud and/or Technology companies.
- Experience working in an agile, DevOps/SecOps culture, with a proven practice of embracing iterative methodologies, and modern software development practices.
- Excellent communication and interpersonal skills, with a strong attention to detail.
- Ability to link information security issues to broader business goals.
- Ability to lead and motivate cross-functional teams while thriving in a fast-paced, growing company.
- Demonstrated success in automation of security operations.
- Master’s Degree with relevant certifications (CISSP, SSCP, etc.)
- Track record of success in the development and championing of information security programs.
While performing the duties of this job, the employee is frequently required to sit, stand, walk, talk or hear; uses hands to finger, handle, or touch objects or controls. On occasion, the employee may be required to stoop, bend or reach above the shoulders. The employee may occasionally lift, push, or pull up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
The position is an office-based position.
This position does not require frequent travel.
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.
Ability to read, analyze, and interpret general business periodicals, professional journals, technical procedures, or governmental regulations. Ability to write reports and business correspondence. Ability to effectively present information and respond to questions from groups of managers, clients, and vendors.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or any other characteristic protected by federal, state or local law.