This site uses cookies. To find out more, see our Cookies Policy

Business Information Security Analyst in Pittsburgh, PA at Synerfac

Date Posted: 4/12/2018

Job Snapshot

Job Description

We are seeking a Business Information Security Analyst for a position in Downtown Pittsburgh.

This person will be responsible for establishing and driving a business specific Information Security program to improve identified security behaviors.

This role will be accountable for keeping clear lines of communication including but not limited to; transparency to the business on upcoming security initiatives, reporting of security risks to the CISO and appropriate committees, from identifying impact to the business and to consumers, to helping shape remediation, and developing external and internal communications. In addition, this role will also support the development of Information Security and Risk Management personnel (training, career pathing, etc).

Job Duties:
- Develop learning and development opportunities for the enterprise, privileged users, and staff of Information Security and Risk Management
- Ensure program is aligned with the Information Security Program, Policies and Standards
- Measure program effectiveness and report accordingly on progress
- Execute campaigns designed to improve enterprise security posture
- Follow change management methodology to mitigate identified security risks
- Support Business Units and CISO in identifying and mitigating risky behaviors.
- Improve compliance with security standards and policies across Business Unit teams.
- Greater awareness of information security and data privacy requirements (across enterprise).
- Demonstrate improvement in Security Behavior Index.
- Partner with the Governance, Risk and Compliance team to understand/ recognize security risks.
- Drive adoption of global security program standards throughout the product and core business platform teams.

Job Requirements

Job Requirements:
- Bachelor’s Degree or equivalent experience
- 3-5 years or more year of experience in IT or information security related role.
- Strong understanding of change management methodologies and regulatory requirements pertaining to information security, privacy and/or data security
- Ability to manage multiple complex priorities and competing agendas without expressed authority over delivery teams
- Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker
- High level of interpersonal skills to interact with leaders at multiple levels and facilitate team interactions
- Advanced skills with MS-Windows and other related PC applications
- Experience giving presentations and excellent communication skills preferred
- Master’s degree in organizational effectiveness or related discipline is preferred
- Prefer candidates with ADKAR (Prosci) certification