IT Security Analyst II - Compliance Conduent
Germantown, MD

Job Description

Conduent is the world's largest provider of diversified business process services with leading capabilities in transaction processing, automation, analytics and constituent experience. We work with both government and commercial customers in assisting them to deliver quality services to the people they serve.

We manage interactions with patients and the insured for a significant portion of the U.S. healthcare industry. We are the customer interface for large segments of the technology industry and the operational and processing partner of choice for public transportation systems around the world.

Whether it's digital payments, claims processing, benefit administration, automated tolling, customer care or distributed learning - Conduent manages and modernizes these interactions to create value for both our clients and their constituents. Learn more at www.conduent.com.

Responsibilities:

* The IT Security Analyst is accountable for procedures and processes that ensure the integrity, confidentiality and availability of assigned Business units' information, applications and infrastructure.
* The security analyst will perform routine risk assessments, security audits, and vulnerability scans to identify, evaluate, document and remediate organization risk, control gaps and vulnerabilities.
* This position will be responsible for developing security reports, security recommendations, and security policies and procedures that are meaningful, defensible, and actionable for a variety of audiences as pertained to assigned business units.
* Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to:

o IPS/IDS alerts; change detection (FIM) alerts

o application firewall alerts; malware alerts

o rogue wireless network alerts

o security system health alerts; exploit attempt alerts

* Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to:

o audits of system security to ensure compliance with Corporate security framework

o Payment Card Industry (PCI) Data Security Standard (DSS)

o emerging state and Federal privacy laws

* Participate in a vulnerability management program that includes:

o external and internal vulnerability scans of applications and systems

o external and internal penetration tests of applications and systems

o documentation and remediation of identified vulnerabilities and exploits

o routinely monitoring various communication avenues for security vulnerabilities and security patches

o taking a risk-based approach comparing those security vulnerabilities and security patches across the operating environments

o making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities

* Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement
* Acts as the initial point of contact to facilitate the handling of security incidents and requests, conducts technical investigations resulting in successful root cause analysis of intrusions, and make real-time decisions about incidents as they occur
* Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies
* Maintain documentation that supports the annual Security compliance attestation as it is relevant to the assigned Business units

Minimum Qualifications:

* CIPP, CRISC, CISA, CISSP, or CISM certification is a plus.
* Minimum of Five (4 to 5) Years of experience in IT Security, or Security Auditing is required.
* Knowledge and understanding of security controls across all security domains, such as access management, encryption, vulnerability management, authentication, authorization, network security, physical security, etc.
* Ability to identify security risks in application, system, and network architecture, data flow, and processes or procedures
* Ability to assess the organizational impact of identified security risks and recommend solutions or mitigating controls.
* Knowledge of security technologies, devices and countermeasures, as well as the threats they are designed to counter.
* Experience with developing security reports, recommendations, policies and procedures that are meaningful, defensible, and actionable for a variety of audiences.
* Familiarity with more than one framework ( NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks.
* Experience in PowerPoint, Word, Excel; experience with Visio and MS Project.
* Communication skills (interpersonal, verbal, presentation written, email). Experience to write report segments and to participate in presentations.
* Familiarity with security, workflow and collaboration tools such Nessus Tenable, Splunk, Eracent, NNT, SharePoint and ServiceNow (Snow) is a plus
* Positive attitude, team player, self-starter; takes initiative, ability to work independently and effectively with all levels of staff and management both internally and externally

Additional Qualifications/Skills:

* Excellent verbal and written communication skills.
* Ability to work well with personnel of various backgrounds
* Ability to project a professional image.
* Strong organizational, prioritizing and analytical skills.
* Ability to make independent decisions when circumstances warrant.
* Working knowledge of computer and software applications used in job functions.
* Freedom from illegal use of and effects of use of drugs and alcohol in the workplace.

Education Requirement - Bachelor of Science degree in Information Technology preferred

Years of Experience Requirement - Minimum of Five (4 to 5) Years of experience in IT Security, or Security Auditing is required.

Certification Requirement - CIPP, CRISC, CISA, CISSP, or CISM certification is a plus.

Travel - Flexible to Travel - Minimum 10 % - Maximum 25% - as needed

Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, sex, marital status, sexual orientation, physical or mental disability, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. People with disabilities who need a reasonable accommodation to apply or compete for employment with Conduent Business Services or one of its subsidiaries may request such accommodation(s) by sending an e-mail to accommodations@Conduent.com. Be sure to include your name, the job you are interested in, and the accommodation you are seeking.Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, gender expression, sex/gender, marital status, sexual orientation, physical or mental disability, medical condition, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. People with disabilities who need a reasonable accommodation to apply for or compete for employment with Conduent may request such accommodation(s) by clicking on the following link, completing the accommodation request form, and submitting the request by using the �Submit� button at the bottom of the form. For those using Google Chrome or Mozilla Firefox please download the form first: click here to access or download the form.

'1962478