Sr. Security Analyst
Sr. Security Analyst
Location: Remote, USThe Sr. Security Analyst will oversee and coordinate security efforts across the company. Coordinate the planning and implementation of enterprise IT system defenses against security breaches and vulnerability issues. Interface with CXone leaders to communicate corporate security vision and to solicit involvement in achieving higher levels of enterprise security. Support the sales environment by effectively communicating our security capabilities for our SaaS products and back office support environment. Gain appropriate security certifications to satisfy clients looking to purchase our SaaS products.
- Maintaining, as required a repository for all system certification documentation and modifications.
- Coordinating IS security inspections, tests, and reviews.
- Developing procedures for responding to security incidents, and for investigating and reporting security violations and incidents, as appropriate.
- Ensuring proper protective and/or corrective measures have been implemented and documented appropriately when an incident or vulnerability has been discovered within a system.
- Oversees the deployment, integration and initial configuration of all new security solutions.
- Developing and implementing an information security education, training, and awareness program.
- Responsible for ensuring CXone's security architecture design is appropriate for business needs and meets industry best practices and regulatory compliance standards.
- Reporting all security-related incidents to the appropriate internal and external officials.
- Conducting periodic information system audits, log analysis, and procedural reviews to verify compliance with the security policies.
- Coordinating periodic reviews and inspections as established in the certification and accreditation documentation.
- Works with other executives to prioritize security initiatives and spending based on appropriate risk management.
- Monitoring and periodically testing system recovery processes to ensure that security features and procedures are properly followed and restored.
- Ensuring that all security-related documentation is current and accessible to properly authorized individuals.
- Providing formal notification to the CSO when changes are planned that may impact the approved security posture of CXone or the associated certification and accreditation.
- Ensuring that system security requirements are addressed during all phases of the system life cycle.
- Works with outside consultants as appropriate for independent security audits.
- Follow the company Code of Ethics and CXone policies and procedures at all times.
- Communicate in an effective and professional way with customers in and outside of CXone.
This organization reserves the right to revise or change job duties as the need arises. This job description does not constitute a written or implied contract of employment.
Required Education, Experience, and Specific Job Related Skills
- BS/BA in related field or a combination of education, training and experience required.
- 5+ years working in IT and data networks
- 5+ years in or with information security or security principles
- Strong writing ability
- Proven track record of solving problems.
- Good organization and project management skills
- Advanced computer skills in desktop applications
- Posses excellent analytic skills including numbers, patterns, processes and data flow
- Proficient with Microsoft Project
- CISA or CISSP certification
- Knowledge of PCI, SAS70, and HIPAA compliance regulations.
NICE is committed to provide an environment based on equal opportunity for all qualified applicants and employees. It is the policy of NICE to afford equal employment opportunities to qualified individuals, regardless of age, race, color, creed, religion, citizenship, ancestry, national origin, sex, gender, pregnancy, mental or physical disability, marital status, veteran status, service in the Armed Forces, sexual or affectional orientation, atypical hereditary cellular or blood traits, genetic information, status as a victim of domestic or sexual violence, and/or any other status protected by any applicable federal, state and/or local statute or regulation.