We're creating an airline people love. It begins with each Alaska Airlines employee, bringing unique strengths and energy to our work in the air and on the ground. Every day, we go beyond what's expected and reach for the remarkable, together.
The Sr. IT Security Compliance Analyst is a subject matter expert in the analysis and continuous improvement of compliance programs that involve cybersecurity for Alaska Airlines and Horizon Air. As an individual contributor, this role exercises considerable judgement to assess risk, facilitate remedies, audit and report on findings of system vulnerabilities.
Scope & Complexity
With minimal direction from leadership, this individual contributor is responsible for identifying cyber risk and forming solutions to mitigate those risks for Alaska Airlines and Horizon Air.
* Act as subject matter expert in the area of IT security compliance. Take initiative to design, implement, and administer information security programs, initiatives, and projects which safeguard employees, customers, and partners' data from compromise by minimizing vulnerabilities and risk. * Make recommendations to partners with IT and cross-functional business units to help govern IT security risk. * Apply cybersecurity knowledge to conduct audits of hardware, software, and firmware technologies for possible security vulnerabilities that impact the information security of Premier. * Develop solutions to initiatives such as Sarbanes-Oxley (SOX) audits and PCI-DSS assessments, and any other compliance audits as needed. * Assist in the administration of Supplier Assurance Program (SAP). * Exercise considerable judgement to administer multiple security compliance projects with broad scope, ambiguity, and a high degree of difficulty. These include but are not limited to; Partner proactively with cross functional project and program managers to resolve issues, moderate program calls and help to resolve day-to-day issues, drive continuous process and technology improvements, document, communicate, and escalate issues to appropriate parties, ensure customer expectations and service level agreements are met. * Evaluates the compliance of infrastructure components and operational processes with information security and privacy policies and standards, prepares documentation of the results, and tracks resulting non-conformities and mitigation measures to resolution.
Job-Specific Skills, Experience and Education
* A minimum of 4 years of information technology work experience. * A Bachelor's degree in project management, IT, or related area, or an additional two years of experience/training in lieu of this degree.
* Knowledge of information security compliance preferred * Knowledge of various enterprise security and IT management frameworks and standards. * Previous experience with implementation and maintenance of GRC platforms * Previous experience with IT SOX controls * Previous experience with Payment Card Industry (PCI) assessments * Previous experience with configuration management policies and products * Solid understanding of requirements gathering, end-user acceptance testing concepts, and documentation. * Excellent project management skills * Demonstrated ability to develop and maintain strong working relationships, including the ability to create change through the use of positive influence to effectively liaise and communicate with business process owners
Job-Specific Leadership Expectations
Embody our values to own safety, do the right thing, be kind-hearted, deliver performance, and be remarkable.
EQUAL EMPLOYMENT OPPORTUNITY
Horizon Air and Alaska Airlines are equal opportunity employers. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age, protected veteran or disabled status, or genetic information.
Horizon Air and Alaska Airlines will consider for employment qualified applicants with arrest and conviction records in accordance with applicable Federal, State, and local laws.
Horizon Air and Alaska Airlines participate in E-Verify, a service of the Department of Homeland Security (DHS) and Social Security Administration (SSA), where required.