Sr. Information Security Analyst - Full-time / Part-time

Senior Information Security Analyst

Are you looking to launch your Information Technology career?  If so, then UPS is the place for you!

Once known as a trucking company, UPS is now recognized as a technology company with trucks and is poised for success.  Spending more than $1 billion a year on information technology, UPS provides its customers unparalleled capability in tracking and distribution intelligence.  This technological infrastructure also enables UPS to provide fully integrated Web-enabled, business-to-business solutions.

UPS Information Services, a leader in information technology, is currently seeking career-minded individuals to join our team.  If you are highly motivated with a degree in Computer Science or related discipline, then UPS is a great place for you to advance your career.

Job Description:

The Senior Information Security Analyst identifies, investigates, analyzes, and remediates information security events to ensure enterprise integrity against technical and physical risks.  He/She conducts quality management reviews to evaluate the effectiveness of security controls.  This position reports on the controls effectiveness for mitigating exposure to identified risks.  He/She communicates security issues and control gaps through security governance processes.  This position implements and integrates risk management procedures across the enterprise.  He/She participates in the development and maintenance of business continuity planning, data, systems, and network security for systems & controls related to their job duties.

Responsibilities:

Conducts Security Administration and Service Operations

• Responds to service issues, problems, crises, and critical situations to support resolution and to minimize downtime.
• Investigates security events (e.g., problems, crises, critical situations, unauthorized access, non-compliance with UPS’s policies, fraud, service exploitation, etc.) to determine malfunctions, breaches, and remediation steps and to identify root causes.
• Monitors I.S. facilities and infrastructure access to audit and maintain security controls and to ensure compliance.
• Investigates unauthorized access and conducts tests to determine Information Services (I.S.) facilities and infrastructure malfunctions and breaches.
• Installs and implements security-related software and firmware (e.g., patches, data encryption software, access controls, address verification systems, etc.) to maintain security administration and systems integrity.
• Operates security-related software and firmware (e.g., assessment scan tools, firewalls, dashboards, intrusion detection sensors, etc.) and performs analytical tasks to maintain security and service continuity.

Conducts Quality Management

• Gathers and organizes evidence of compliance with management directives to review and evaluate effectiveness of security functions, processes, products, and services.
• Maintains logs on identification and data access (e.g., applications, networks, files, database management systems, etc.) to support compliance standards.
• Conducts quality management reviews (e.g., business continuity impact analysis [BCIA], security audits, etc.] to evaluate the effectiveness of security controls.
• Examines records and tests strategies to determine compliance with management directives and to identify abnormal occurrences.

Maintains Information Security

• Applies and monitors enterprise security controls to maintain confidentiality, integrity, and operational systems.
• Conducts local and basic risk assessments to enhance resilience for unauthorized access.
• Identifies attacks to the I.S. network and systems and escalates security issues to facilitate prompt remediation.
• Provides immediate remediation response to decrease and limit damages by negatively impacting occurrences.
• Identifies, tracks, and monitors information security threats to support service continuity and security management.

Performs Continuity Management Functions for Job-Related Systems & Controls

• Participates in the development and maintenance of business continuity planning, data, systems, and network security to ensure systems’ availability and integrity.
• Provides input to the service continuity planning process to support critical business functions, to minimize downtime, and to protect UPS’s information assets.
• Implements service continuity plans to ensure optimal security and service operations.
• Identifies and quantifies potential impacts from disruptions and outages to ensure effective maintenance of security and service operations.
• Identifies time critical applications and dependencies to support business functions, to assess the risks of systems’ availability and integrity, and to develop maintenance procedures and contingency plans.

Primary Skill:  Web Application Development

Additional Skills: 

Programming Skills Various Disciplines
Linux and Windows Administration Skills
Database Programming or Administration
Infrastructure Architecture and Design Knowledge
Networking Protocol Skills

Education:

The desired Senior Information Security Analyst will possess a degree in Computer Science, Information Systems, Information Security or related field or the equivalent in education and work experience.