Enterprise Security Analyst - Berry Appleman & Leiden LLP
Richardson, TX
About the Job
Must be located in, or willing to relocate to, the Dallas Fort Worth area. This role requires 3 days in office.
Who we are: BAL is a team of brilliant people who change lives through elite immigration work and collaborative innovation. We pursue the exceptional in all that we do, but never at the expense of our values. There’s no denying our work is demanding, both in volume and pace, but we’re up for the challenge. We love the balance of hard work and fun – so, you’ll see us in jeans as we shatter glass ceilings and conventional stereotypes. BAL employees feel valued, rewarded, and respected. We seek opportunities to be of service to others and our communities. We are committed to your growth and development, and want to set you up for success here at BAL and beyond.
Who you are: You are looking for work that has purpose. You aren’t afraid to roll up your sleeves and get stuff done. You learn quickly. You move fast. You embrace challenge and detail as well as creative thinking. You believe you have something unique to contribute and you aren’t afraid to raise your hand. You understand that powering human achievement is ultimately about impacting a real person. You are looking for a place to grow and an environment where everyone has a spot and is genuinely welcome.
We’re better together: A bright, driven person like you and an industry-leading powerhouse like BAL? It’s a perfect combination! We truly want to see you succeed here and become an integral part of our mission to provide an experience that makes a positive difference in people’s lives. Come be a part of something special, where you can have an impact and be valued just for being you!
Who we are: BAL is a team of brilliant people who change lives through elite immigration work and collaborative innovation. We pursue the exceptional in all that we do, but never at the expense of our values. There’s no denying our work is demanding, both in volume and pace, but we’re up for the challenge. We love the balance of hard work and fun – so, you’ll see us in jeans as we shatter glass ceilings and conventional stereotypes. BAL employees feel valued, rewarded, and respected. We seek opportunities to be of service to others and our communities. We are committed to your growth and development, and want to set you up for success here at BAL and beyond.
Who you are: You are looking for work that has purpose. You aren’t afraid to roll up your sleeves and get stuff done. You learn quickly. You move fast. You embrace challenge and detail as well as creative thinking. You believe you have something unique to contribute and you aren’t afraid to raise your hand. You understand that powering human achievement is ultimately about impacting a real person. You are looking for a place to grow and an environment where everyone has a spot and is genuinely welcome.
We’re better together: A bright, driven person like you and an industry-leading powerhouse like BAL? It’s a perfect combination! We truly want to see you succeed here and become an integral part of our mission to provide an experience that makes a positive difference in people’s lives. Come be a part of something special, where you can have an impact and be valued just for being you!
OVERVIEW
The Security Analyst will work in a dynamic, fast-paced environment as part of the Enterprise Security & Privacy (ES&P) team. We are looking for someone who is proactive, results driven, has exceptional attention to detail, and above average communication skills. The ideal person for this role is willing to take ownership of deliverables and assigned projects, thinks outside of the box, and has a desire for continuous learning.
RESPONSIBILITIES (under the supervision of the Sr Manager of ES&P):
- Supports the ongoing management and improvement of the corporate Information Security Management System (ISMS) and Privacy Information Management System (PIMS) to maintain compliance with ISO standards 27001 and 27701
- Performs required internal audits of IT, Security and Privacy controls and processes
- Assists in tracking and closing identified action plans from internal and external audits
- Serves as day-to-day lead for reviewing and responding to Security and Privacy events (incident response)
- Performs / coordinates the performance of access reviews related to ISO 27001 / 27701 compliance
- Monitors the performance of required ISO 27001 and 27701 control activities throughout the company
- Works with the SecOps team to review and escalate security operations alerts and vulnerabilities
- Assists in the support of the Third Party Risk Management (TPRM) program, performing vendor reviews and risk analyses
- Assists in the coordination, documentation and submission of Request for Proposal (RFP) responses and client security assessment questionnaires
- Manages and routes communications for the Security and Privacy teams (#Security, #Privacy and #SecOps mailboxes)
- Monitors and documents key metrics in support of the ES&P team
- Owns and updates various reports and documentation supporting security, compliance and privacy
- Works with teams across BAL to operationalize compliance requirements
- Documents new security and compliance-related policies and procedures as needed
- Assists in the development of security, privacy and compliance awareness campaigns and training materials
- Supports the Business Continuity program in compliance with ISO 27001 requirements
- Performs research as requested to support overall program requirements
- Performs gap analyses as needed
- Efficiently manages multiple projects with competing deadlines
- Other duties as assigned
QUALIFICATIONS:
- Bachelor’s Degree or equivalent experience
- 2+ years experience with a background in information security, privacy, compliance, audit or risk a plus
- Knowledge of internal audit / audit principles a plus
- Knowledge of ISO standards 27001, 27701 and/or 22301 a plus
- CISA or other relevant certification a plus
- Ability to communicate effectively with various internal stakeholders
- Strong organization skills and attention to detail with the ability to plan, prioritize and meet deadlines
- Ability to differentiate critical data from the noise in projects, processes and procedures
- Ability to work independently and in a collaborative team environment
- Above average written, verbal, and interpersonal skills
- Is passionate about learning and is interested in security, privacy, and compliance
- Not afraid to jump in and figure things out!
Source : Berry Appleman & Leiden LLP