Systems Security Analyst - Black Diamond team

IT Jacksonville, Florida


Description

Join the company ranked #1 on the list of Best Places to Work in Jacksonville. SS&C Advent, a leading provider of award-winning software and services for the global investment management industry, is seeking a Systems Security Analyst for our team in Jacksonville.

The Systems Security Analyst is responsible for working with the Infrastructure and Product Development teams. This role develops and maintains security and privacy self-assessments, performs and analyzes vulnerability assessments and penetration tests, reviews and enhances security policies, and develops implementation of security controls and privacy safeguards. Qualified professionals should possess 5-7 years' experience with 2-5 years involving security, risk management, compliance, and privacy of non-public personal data.

Job Responsibilities

  • Implement security and privacy safeguards to protect non-public personal information.
  • Provide specialist security and privacy knowledge inputs to sales and legal for service agreements.
  • Create and deliver high quality written communications on security, compliance, and audit issues.
  • Work with client organizations to assist with due diligence responses and site inspections.
  • Perform and analyze vulnerability assessments and penetration tests using generally accepted tools, and recommend remediation.  
  • Review and enhance security policies that cover physical and logical access to systems and the management of private data.  
  • Perform IT risk assessments, incident investigations, root cause analyses, and forensics.  
  • Review encryption capabilities, and security configurations for hardware, software, and network firewalls.
  • Document the design and testing of the IT component of Black Diamond's business continuity and disaster recovery program.
  • Perform security reviews of new products and services to ensure adequacy of security and privacy.
  • Develop and maintain knowledge of security products to identify and scope opportunities for deployment.
  • Monitor and report on privacy and security legislation, regulations, and standards.
  • Some domestic travel to corporate offices, data centers, and events may be required.

 Qualifications

  • 5-7 years of professional experience with 2-5 years involving security, risk management, compliance, and privacy of non-public personal data.
  • Knowledge of common security frameworks and privacy principles.
  • Experience with IT security and privacy risk assessments and audits of IT general security controls.
  • Experience in a pre-sales software or technical services role, or in a post-sales compliance/contracts role highly preferred.
  • Experience with the phases of the software development lifecycle. 
  • Experience with common vulnerability scanning and penetration testing tools.
  • Writing experience in areas such as sales/legal contracts, bidding specifications, sales presentations, audit reports.
  • Experience in a pre-sales software or technical services role, or in a post-sales compliance/contracts role.
  • Knowledge of common computer security issues, including network and application vulnerabilities.
  • Knowledge of VMWARE and Windows Server security. 
  • Knowledge of Linux and its security a plus.
  • Post secondary qualifications involving technical analysis, financial services, problem solving, and writing.  
  • Certification activity a plus (such as SANS, CISSP, CISM, CRISC, CEH, CompTIA, RHCE, IAPP, MSCE).

Competencies:

  • Interpersonal skills and team player to maintain collaborative relationships throughout the company and with clients.
  • Attention to detail, especially with written work such as legal contracts and client-facing communications.
  • Ability to think and work analytically.
  • Ability to document policies, procedures, and technical diagrams.
  • Ability to execute multiple activities simultaneously.
  • Ability to manage a substantial unplanned workload with short deadlines.
  • Ability to quickly analyze client requirements and remediate knowledge gaps with research.
  • Must be capable of working with limited direct supervision.