XTN-0617191 IT SECURITY ANALYST

The IT Security Analyst reports to the Clark Team Lead and is responsible for information security policy development and annual revisions; monitoring compliance with corporate IT security policies and applicable regulatory or legal requirements; coordination for the investigation and reporting of security events, and incident response activities. Works closely with the Infrastructure Engineering, Administration, and Systems teams to evaluate and recommend the proper security controls in support of the organization’s digital network, data, physical environment, and personnel. The analyst is charged with monitoring, assessing, and tuning the IT business continuity and disaster recovery program, vulnerability assessment scans across the enterprise delivery pipeline, risk assessment reviews, and facilitating remediation of identified vulnerabilities for corrective action. Exhibit the ability to identify opportunities to reduce risk and oversees changes related to risk mitigation, and reports on findings. Participates with IT audits and regulatory compliance needs. This position requires dependable and timely attendance at work to meet department and team workload demands.

Job Responsibilities • Monitor, respond, and advise on information security issues related to any corporate owned devices to ensure the security controls in place are appropriate and operating as intended • Coordinate response to information security incidents • Ability to analyze systems and conduct activities within the SDLC framework • Develop and publish information security policies, procedures, standards and/or guidelines based on best-practices and applicable security requirements • Consistently exhibit and support a “customer” first attitude by providing best-practice security solutions that meet the needs of the business • Encourage a collaborative and positive environment for security awareness and education • Conduct security research to gain a better understanding of the enterprise threat landscape and keeping abreast of the latest security issues • Perform other related duties as assigned

Related Duties • Maintain a positive work atmosphere by behaving and communicating in a manner that encourages a trust relationship across the organization

• Lead by displaying a positive example

• Seek to do the “Right Thing”

• Review Employee Handbook annually for changes and updates • Maintain a clean, organized and safe work environment • Attention to detail is a must • Ability to self-motivate • Ability to positively motivate others • Ability to work independently and within a team environment • Use of good judgment and common sense to prioritize work • Maintain confidentiality of privileged information obtained in the course of work • Other duties deemed necessary • Use agile-related methodologies as they are relevant to the environment and information security task workflow • Conduct risk assessments on