IT Security Analyst
New York, NY

Job Description

Job Description

Sirius InternationalInsurance Group, Ltd. ("Sirius") is an international, multi-billion dollar,publicly traded company with worldwide interests in insurance andreinsurance. A subsidiary of CMIGInternational, Sirius is a Bermuda domiciled holding company providingreinsurance on a worldwide basis through its principal operating companies inBermuda, Stockholm, New York and London.

Sirius is currently seeking an IT Security Analyst for the firm's office in downtownManhattan.

The IT Security Analyst will be responsible for theday-to-day operations of the in-place security solutions and also theidentification, investigation and resolution of security breaches. This role will be responsible for contributingto and strengthening the corporate Information Security program. We areseeking candidates with excellent communication skills, as the IT SecurityAnalyst will frequently make presentations, provide training, and communicatewith executive and non-technical audiences about security topics, in additionto collaborating with technical engineers on security implementation.

RESPONSIBILITIES:

* Assists in overseeing and implementing the corporatecybersecurity program.
* Maintains, produces and assists in the development andadoption of IT security policies and procedures.
* Analyzes security breaches to determines their root causeand reviews violations of security policies.
* Maintains, supports and coordinates corporate User SecurityAwareness Training programs (Wombat, KnowB4, NanoLearning and others).
* Provides technical administrative security support for allversions of Windows Operating Systems, Norton Anti-Virus, McAfee, Rapid7 andother software areas as required to provide support in IT operations.
* Coordinates Windows and non-Windows patching on server andclient side.
* Monitors network, server and system alerts and loggingreceived from network and server monitoring utilities (e.g. Cisco Works,Nagios, Varonis, AV, SPAM, proxy, IPS, PKI).
* Maintains data and security access. Protects digital filesand information systems from unauthorized access.
* Implements and maintains cryptographic solutions andcontrols.
* Creates and modifies user accounts, storage directories andshares permissions. Facilitates privileged and standard user account access.
* Creates Group Policy Objects and Active Directory objectswithin Windows domain environment. Provides technical documentation and manualwrite-ups.
* Completes access request processing as per pre-defined setsof procedures and within agreed Service Level Agreements (SLA), resolvesproblem tickets and assist other security analysts as needed to provide accessmanagement business requirements and insure compliance with industry andcompany security standards
* Documents access management procedures for assignedapplications and/or platforms; keeps the access management proceduresup-to-date
* Coordinates with internal and external auditors to assureHIPAA, SOX, DFS, and other regulatory compliance. Participates in SOXCompliance processes. Proactively identifies audit and compliance relatedissues to reduce the risk of security exposures and non-compliance
* Plans and implements security improvements and solutions toassure US and European regulatory compliance (HIPPA, NYCRR, GDPR, CyberEssential, BMA).
* Partners with risk management to ensure the transparency ofrisk reporting related to compliance evaluations and resolution of identifiedgaps. Performs risk assessments and executes tests of data processing.
* Prepares necessary audit documentation.
* Provides inventory, license tracking, and other trackinginformation as dictated by business requirements.
* Provides support and assists end-users in the usage of theircomputer equipment in our computing environment.
* Creates and modifies user training manuals, IT documentationand infrastructure designs.
* Researches current trends and technologies for futureproduct ideas.

DESIREDQUALIFICIATIONS:

* Bachelor's Degree with a concentration in ComputerInformation Systems (other degree disciplines will be considered withapplicable experience in security IT analysis and implementation).
* Minimum of 3 years Cybersecurity experience.
* Must be able to perform duties independently, but also as amember of a team.
* Excellent communication and presentation skills.
* Strong workingknowledge and understanding of business security practices and procedures.
* Knowledge ofcurrently available security tools, various communication protocols, andencryption techniques/tools.

Sirius is anEqual Opportunity Employer. We offerexcellent opportunities for competitive salaries, employee development andcomprehensive benefits for a diverse workforce.