Global Information Security Analyst

Profile

,AnswerValue:Open to candidates based in Austin, Texas / Dallas, Texas / Minneapolis, MN / Portland, OR / San Jose, CA / Boston, MA. \u003cbr/\u003e. \u003cbr/\u003e\u003cbr/\u003eIntroduction\u003cbr/\u003eTokyo Electron is searching for an accomplished information security professional to join its global Information Security Department. The position involves working closely with US-based and international department personnel as well as other business groups, especially the Information Systems Department.\u003cbr/\u003eWe are looking for the person that has demonstrated exceptional analytical, social and technical competency capabilities related to the information security discipline. Candidates that can also show mastery of at least one of these attributes is preferred.\u003cbr/\u003eThe successful candidate’s employment level will be considered per a combination of his/her education level, experience years, certifications as well as skills and knowledge relevant to the position.\u003cbr/\u003eJob Description\u003cbr/\u003e• Support the establishment, implementation, adherence to and documentation of information security standards, policies, procedures and processes to protect company information assets, systems, services and processing facilities.\u003cbr/\u003e• Identify and assess the probability and impact of relevant risks as well as assess, design, test and implement risk mitigating solutions, which range across security policies, processes and technology.\u003cbr/\u003e• Incident investigation and response including preparation, documentation and coordination with teammates and other teams, assisting with response (e.g., containment, eradication) and recovery as well as any necessary post-incident activities.\u003cbr/\u003e• Design information security solutions (e.g., identify, prevent, detect), including architecture and technology evaluation, in the areas related to 1. Application, 2. Data store, 3. Platform, 4. Network and 5. Physical technologies and / or controls.\u003cbr/\u003e• Initiate, facilitate, promote and support the development and delivery of appropriate information security awareness training. Training may generally apply to all members of the workforce, including employees and third-party workers. Training may also involve a specific focus, including worker level (e.g., executives, managers, individual contributors), worker type (e.g., technology enablers and administrators) or department (e.g., factory, R\u0026D).\u003cbr/\u003eAbilities, Skills, Knowledge and Experience\u003cbr/\u003eAbilities and Skills\u003cbr/\u003e• Highly self-motivated, self-directed individual who takes ownership of assigned tasks and maintains accountability for their successful completion with keen attention to detail.\u003cbr/\u003e• Excellent written, oral and interpersonal communication as well as collaboration skills.\u003cbr/\u003eo Strong business acumen with the ability to listen and understand international business issues and relate them to information security risks, threats and controls.\u003cbr/\u003eo Ability to communicate security and risk-related concepts with technical / nontechnical audiences.\u003cbr/\u003eo Team-oriented and skilled in working via an internationally collaborative environment.\u003cbr/\u003eo Develop positive relationships and effectively communicate with international management, software / system / security architects, software / system / security engineers, quality assurance, auditors, legal, compliance as well as information system or security operations personnel.\u003cbr/\u003e• Persuasive, encouraging, motivating and inspiring in the quest to solve problems.\u003cbr/\u003e• Inquisitive, adaptable and flexible with the ability to handle ambiguity and sometimes changing priorities with the ability to define, learn, understand and apply new technologies, methods and processes and conduct research into information security issues and products as required.\u003cbr/\u003e• Effective prioritization and execution of tasks in a sometimes high-pressure environment.\u003cbr/\u003e• Analytical and problem-solving abilities that lead to recommending, designing, testing and delivering security solutions based on analysis and business requirements.\u003cbr/\u003e• Project management, financial / budget management, scheduling and resource management.\u003cbr/\u003eKnowledge and Experience\u003cbr/\u003e• Strong / diverse technical background in enterprise networking, firewalls, storage options, server infrastructure, operating systems, database technologies, desktop operating systems and security.\u003cbr/\u003e• Demonstrated understanding and working mastery of security-related technologies and practices, including authentication and authorization systems, endpoint protection, encryption, segmentation strategies, vulnerability management and secure remote access.\u003cbr/\u003e• Knowledge of the interaction between 1. process, application, data store, platform, network, and physical asset controls with 2. information risks and 3. an overarching management methodology.\u003cbr/\u003e• The basic tenants of enterprise risk management (i.e., threat management, vulnerability management and risk treatment).\u003cbr/\u003e• Root cause analysis and risk management concepts as well as information security architecture, trends and threat analysis.\u003cbr/\u003eSelection Criteria\u003cbr/\u003e• At least eight years of combined experience in information technology, security risk and compliance management, assessment, auditing, research, response and/or consulting.\u003cbr/\u003e• Graduation from an accredited four-year college or university with major coursework in information security, computer information systems, computer science, management information systems, information systems auditing, business administration or a related field is strongly preferred. Education and experience may be substituted for one another.\u003cbr/\u003e• Proficiency and experience in performing information technology, security risk and compliance assessments.\u003cbr/\u003e• Experience in researching, authoring or supporting development of information security policies and standards.\u003cbr/\u003e• Experience using or implementing information security related solutions including processes and technology. Examples include incident response \u0026 management, risk management \u0026 assessment, software development lifecycle and information security-related technologies.\u003cbr/\u003e\u003cbr/\u003eCertifications\u003cbr/\u003eA holder in good standing of relevant certifications is preferred. Example certifications are CPA, CISSP, CISA, CISM, CRISC and GIAC.\u003cbr/\u003eWork Conditions\u003cbr/\u003e• Multiple, weekly web conferences with global audiences outside normal work hour\u003cbr/\u003e\u003cbr/\u003e\u003cbr/\u003ePhysical Demands and Work Conditions\u003cbr/\u003eThe physical demands described herein are representative of those that must be met by an employee to successfully perform the essential functions of this job. This job operates in an office setting. This role routinely uses standard office equipment such as computers, phones, photocopiers, and filing cabinets. This is a largely sedentary role; however, some filing is required, which would require the ability to lift files, open filing cabinets and bend or stand as necessary. This position requires the ability to occasionally lift office products and supplies, up to 35 pounds. This position also requires 4 to 6 hours per day at a computer screen/keyboard. \u003cbr/\u003e\u003cbr/\u003eDiversity creates an innovative culture.  TEL US is an Equal Employment Opportunity / Affirmative Action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.\u003cbr/\u003e\u003cbr/\u003eEqual Opportunity Employer/Minorities/Females/Disabled/Veterans,

Company info

Tokyo Electron U.S. Holdings, Inc.
Website : http://www.tel.com