UPS Sr. Information Security Analyst in Alpharetta, Georgia
Sr. Information Security Analyst
We’re the obstacle overcomers, the problem get-arounders. From figuring it out to getting it done… our innovative culture demands “yes and how!” We are UPS. We are the United Problem Solvers.
UPS is a global leader in logistics, offering a broad range of solutions, facilitating international trade, and deploying advanced technology to more efficiently manage the world of business. Rooted in the innovative use of technology, UPS's unmatched global network enables the broadest and most reliable solutions in the industry.
About this role :
UPS Information Technology (I.T.) Supply Chain Solutions is seeking a bright and ambitious Senior Information Security Analyst to join its UPS Global Logistics & Distribution department and protect our client's information. If you champion true innovation, aren’t afraid of getting your hands dirty, like creating from the ground up, and are always looking to transform and evolve (“constructive dissatisfaction”), you could be the future of UPS.
The Senior Information Security Analyst will be responsible for assessing InfoSec risk and facilitating remediation of identified security vulnerabilities across the SCS portfolio. He/she assists in IT audits, IT risk assessments and regulatory compliance activities.
Management of information security risk identification, mitigation and exception / acceptance processes.
Facilitates remediation of identified web application vulnerabilities; provide reports on findings and recommendations for corrective actions.
Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation.
Work closely with Application Owners and Information Security teams to review and respond to security questionnaires and due diligence requests.
Assists in the assessment and review of new vendors and/or new and existing technology to ensure adequate levels of control are in place to maintain compliance with security requirements.
Manages testing request lists from internal and external auditors, providing the interface between IT management and the auditors.
Participates in InfoSec projects driving new logical security solutions (privileged access, system passwords, access entitlement reviews, segregation of duties, etc.).
Participates in the implementation of the security awareness program.
Leads the development of an InfoSec risk metrics and reporting framework.
4+ years’ experience conducting IT risk and compliance assessments.
4+ years’ experience in administering application security controls.
Knowledge of IT risk assessment methodologies and frameworks, and IT security and compliance standards (e.g., COBIT, NIST CSF, ISO 27001, CIS Critical Security Controls).
Bachelor's degree and/or Master's degree in Information Systems, Computer Science or related discipline.
Experience using Trustwave App Scanner and HARM risk scoring, or similar application vulnerability scanning tools, is a plus.
Experience responding to information security incidents is a plus.
Professional certification in information security (ITIL, CISM, CISA, CISSP) preferred.
This position offers an exceptional opportunity to work for a Fortune 50 industry leader. If you are selected, you will join our dynamic technology team in making a difference to our business and customers. Do you think you have what it takes? Prove it! At UPS, ambition knows no time zone.
UPS is an equal opportunity employer – race/color/religion/sex/national origin/veteran/disability/sexual orientation/gender identity
Company: UNITED PARCEL SERVICE
Category: Information Systems, IT - Information & Security, Technology, Information Management & Security, Information Solutions
Requisition Number: 150230