Information Security Engineer - III

4 days ago

Apply Now

Receive Emails with Similar Jobs

Conduent

WebsiteLinkedInAll Job Openings

Conduent is a technology-led solutions provider that streamlines business operations for both public sector and private businesses. They specialize in enhancing customer experiences through automation and analytics, optimizing finance operations, and offering comprehensive HR solutions. With a focus on improving operational efficiencies, Conduent delivers a variety of services including customer contact solutions, healthcare business solutions, and solutions for transportation agencies, effectively addressing the end-to-end needs of their clients.

Business Process Solutions • Healthcare • Payments and Eligibility • Transportation • Customer Experience Management

10,000+ employees

Founded 2017

🤝 B2B

💳 Fintech

💰 Venture Round on 2009-01

📋 Description

• The security Analyst is a member of the CISO Regulatory & Compliance Team and will assist in ensuring the associated business units / accounts comply with applicable Conduent and NIS 2 security standards, regulations, and policies. • The Security analyst will be professional, independent, impartial, and fair in all interactions. • The security resource is accountable for procedures and processes that ensure the integrity, confidentiality, and availability of assigned Business units’ information, applications, and infrastructure. • Resource will perform routine risk assessments, security audits, and vulnerability scans to identify, evaluate, document, and remediate organization risk, control gaps and vulnerabilities. • This position will be responsible for developing security reports, security recommendations, and security policies and procedures that are meaningful, defensible, and actionable for a variety of audiences as pertained to assigned business units. • Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as IPS/IDS alerts; change detection (FIM) alerts; application firewall alerts; malware alerts; rogue wireless network alerts; security system health alerts; and exploit attempt alerts. • Participate and be an integral component of audit, compliance, and regulatory functions. • Primary POC in a vulnerability management program of the account. • Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement. • Acts as the initial point of contact to facilitate the handling of security audits and client requests. • Support the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies. • Maintain documentation that supports the annual Security compliance attestation as it is relevant to the assigned Business units.

🎯 Requirements

• CIPP, CRISC, CISA, CISSP, CISM, ISO or any security/IT audit certification is a plus. • Minimum of Five (3 to 5) Years of experience in IT Security compliance, or Security Auditing is required. • Knowledge and understanding of security controls across all security domains, such as access management, encryption, vulnerability management, authentication, authorization, network security, physical security, etc. • Ability to identify security risks in application, system, and network architecture, data flow, and processes or procedures • Ability to assess the organizational impact of identified security risks and recommend solutions or mitigating controls. • Knowledge of security technologies, devices, and countermeasures, as well as the threats they are designed to counter. • Experience with developing security reports, recommendations, policies, and procedures that are meaningful, defensible, and actionable for a variety of audiences. • Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks). • Experience in PowerPoint, Word, Excel; experience with Visio and MS Project. • Communication skills (interpersonal, verbal, presentation written, email). Experience to write report segments and to participate in presentations. • Familiarity with security, workflow, and collaboration tools such Nessus Tenable, Splunk, SharePoint and ServiceNow (Snow) is a plus • Positive attitude, team player, self-starter; takes initiative, ability to work independently and effectively with all levels of staff and management both internally and externally