The Information Security Analyst will lead Solutran’s Information Security, Security Operations and Information Security Compliance organization.
The Information Security Analyst is responsible for the development, execution, and ongoing maintenance of a comprehensive information security management plan that will help to protect all Solutran’s business activities, systems, and information both publicly and internally. This includes effective policies and procedures for ensuring reduction in risks and potential breaches as well as educating our business on required actions and adoption. Furthermore, this position will be responsible for embedding information security best practices as a continuation of Solutran’s culture. All of this includes overseeing the development of the information security technical architecture, as well as security standards, controls, procedures and guidelines for the computer platforms, applications and networks across the enterprise.
ESSENTIAL DUTIES & RESPONSIBILITIES
- Develop and monitor a strategic, comprehensive enterprise information security and risk management program (including strategy, policies, standards, processes, and guidelines) to ensure the integrity and confidentiality of information owned, controlled or processed by the organization.
- Lead third-party audits, including SOC 2, HITRUST, and other audits as requested by clients.
- Respond to IT Security Compliance questionnaires and other Security Compliance requests from clients.
- Implement and lead the strategy for managing and reporting security incidents and oversee investigations of reported security breaches.
- Review and approve security policies, controls, and cyber incident response planning.
- Create and maintain identity and access policies; oversee identity and access management.
- Proactively create, maintain and publish information security policies, standards and guidelines, and ensure their implementation into Solutran’s products.
- Ensure cyber security policies, procedures, and best practices are communicated across Solutran’s business functions and ensure compliance is enforced.
- Facilitate and conduct periodic audits and testing.
- Lead the internal Information Security Governance Council.
- Lead the internal Information Risk Management Council.
- Partner with the Solutran management team to identify, manage, and minimize security risks, and provide relevant and timely reports that drive business decisions.
- Leverage best practices of the technical threat landscape in the software and financial services industries and implement as needed.
- Establish and maintain the cyber security strategy to leverage new technology and threat information.
- Provide leadership and direction to a team responsible for enterprise information security policies and practices, coordinate incident response activities, complete cyber threat analysis & assessment, and maintain compliance to standards and regulatory requirements.
- Define and select necessary information risk and cyber security compliance tools, suppliers, and services.
An individual in this position must be able to successfully perform the essential duties and responsibilities listed above. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position.
- Bachelor’s degree in IT, Computer Science or related technology field is required.
- Minimum 5 years of experience in Information Security.
- Minimum 3 years of leading a company’s information security, security operations and security compliance functions.
- Proven history of developing and managing cyber security policies and procedures for Financial Services, SaaS, Cloud and/or Technology companies.
- Experience working in an agile, DevOps/SecOps culture, with a proven practice of embracing iterative methodologies, and modern software development practices.
- Excellent communication, interpersonal and leadership skills, with a strong attention to detail.
- Ability to link information security issues to broader business goals.
- Ability to lead and motivate cross-functional teams while thriving in a fast-paced, growing company.
- Experience influencing executive team business leaders and stakeholders.
- Strong process discipline in a continuous improvement environment.
- Experience managing cost center and departmental financial functions such as budgets, etc.
- Demonstrated capabilities in leadership, innovation, problem solving, influencing, organizing and relationship building.
- Demonstrated success in automation of Security Operations.
- Master’s Degree with relevant certifications (CISSP, SSCP, etc.)
- Track record of success in the development and championing of information security programs
The position is an office-based position.
This is an exempt position, and occasionally requires long hours or weekend work.
This position does not require frequent travel.
If you are ready for a challenge, Apply Now.
Solutran does not sponsor work visas for foreign nationals. This position is not eligible for relocation, so candidates must be local.
Solutran offers a very comprehensive benefits and compensation package. We pride ourselves on our continued growth and we share in our successes through individual bonuses and profit sharing.
It is the policy of Solutran to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Solutran will provide reasonable accommodations for qualified individuals with disabilities.
Solutran’s goal is to increase representation of women, people of color, veterans and individuals with disabilities. Our programs are designed to comply with all applicable federal, state and local laws, directives and regulations and cover all human resource actions including employment, compensation, benefits, training, education, tuition aid, transfers, promotions and social/recreational programs.