Senior Information Security Analyst - Insider Threat

3 days left

Employer
Target
Location
Brooklyn Park, Minnesota, United States
Posted
Oct 03, 2018
Closes
Oct 26, 2018
Category
Business, Other
Employment Status
Full Time
Description: ABOUT US

Target as a tech company? Absolutely. We're the behind-the-scenes powerhouse that fuels Target's passion and commitment to cutting-edge innovation. We anchor every facet of one of the world's best-loved retailers with a strong technology framework that relies on the latest tools and technologies—and the brightest people—to deliver incredible value to guests online and in stores. As a Senior Security Analyst, you will performactivitiesto protect the organization from an insider threat including engaging in company initiatives across the enterprise to identify and prioritize information protection risks, facilitate mitigation of risk and where needed, and escalate and communicate open risks and recommendations to executive leadership.

PRINCIPAL DUTIES AND RESPONSIBILITIES

  • Perform data collection for potential threats
  • Conduct organizational and cross-functional threat analysis to identify trends and patterns in data
  • Provide assessments of known insider threats and vulnerabilities
  • Identification of corporate policy and acceptable use violations
  • Provide recommendations on ways to protect confidentiality and integrity of the organization
  • Perform risk remediation activities to reduce impact of user based incidents
  • Ability to manage undefined scopes and implement structure from large-scale ambiguity

Insider Risk

  • Knowledge or previous experience with user and entity behavior analytics
  • Familiarity with risk scoring and threat analysis tools
  • Ability to design self-learning code to gather data
  • Review data and present to management in an easy to understand format
  • Analyze detected anomalies, identify potential risks, and initiate and monitor risk workflows
  • Continually modify and refine analytical approaches given earlier output and user feedback to optimize analytic utility

Data Protection

  • Conduct business process mapping and strategy sessions with key stakeholders to define and prioritize data protection needs
  • Development and enhancement of security incident management & escalation workflows
  • Train business and technical partners on system use and remediation procedures
  • Develop reports and dashboards for demonstrating risk reduction results
  • Assist in design of employee communication strategy and security awareness training opportunities
  • Assist in definition of operational, management and steering committee requirements for security governance.

MINIMUM REQUIREMENTS:

  • Bachelor's Degree in Engineering, Computer Science, Information Systems, Computer/Network Security or equivalent experience
  • Good understanding of information security, risk management and compliance concepts
  • Knowledge of Enterprise Event and Incident Management Process and Tools
  • Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation
  • Excellent communication skills, including demonstrated proficiency in clearly communicating technical concepts to non-technical audiences in business terms
  • Must be proactive, and have the ability to work independently/efficiently and to thrive in a fast paced environment
  • Must be able to learn quickly and apply new tools and techniques

DESIRED REQUIREMENTS:

  • Industry standard security certifications such as CISSP, CISM, Insider Threat Program Manager
  • Experience with Data Loss Prevention (DLP) security controls
  • Previous experience working in Information Security and/or desire to learn this domain



Qualifications:

Similar jobs

Similar jobs