Sr Information Security Analyst

Tech Ops Los Angeles, California


Description

The Information Security Analyst serves as a specialist in the development, implementation and administration of internal security functions including maintaining security requirements. This role analyzes security policies, processes and procedures and verifies adherence to those controls.

Responsibilities: 
Application Security Support

  • Web Application Security
    • Web Application Vulnerability Management
    • Assist with Bugcrowd investigation
    • Reviewing Threat Models
    • Conduct application static code analysis
    • Conduct application design reviews and provide input for development team
    • Review and approve application and infrastructure change requests
  • Review and update security procedures and document workflows as necessary
  • Auditing
    • Focus on security reviews, internal audits, and issue triaging
    • Vendor Audits (technical and administrative controls)
    • Conduct elevated account audits - Active Directory
    • Conduct application audits, advise on and track remediation issues.
  • Support current and future security operations

Required Qualifications

  • 2+ years of experience working within information security.
  • Experience with information security technologies, such as: IDS/IPS, malware prevention, end-point protection, multi-factor authentication, security information and event management (SIEM), web content filtering, encryption, network access control (NAC), data loss prevention (DLP), firewall administration and vulnerability scanners.
  • Knowledge of LANs, WANs, SANs, Microsoft Active Directory, Microsoft Windows server and desktop operating systems, Linux operating systems, Microsoft IIS, Microsoft SQL, and Oracle.
  • Expertise in technology platforms, tools and processes used in the healthcare environment required.
  • Expertise of enterprise architecture, IT operations and security required.
  • Experience in performing log collection, correlation, and reviews of automated alerts for items such as, and not limited to: malware alerts, change detection alerts, and security system health alerts, exploit attempt alerts, etc.
  • Ability to work independently, document work performed daily and provide relevant updates to managers.
  • Excellent interpersonal, verbal, and written communication ability.
  • Excellent problem-solving ability.

Nice to Have
  • 2+ years of experience working within information security.
  • Experience implementing and maintaining information security technologies, such as: IDS/IPS, malware prevention, end-point protection, multi-factor authentication, security information and event management (SIEM), web content filtering, encryption, network access control (NAC), data loss prevention (DLP), firewall administration and vulnerability scanners.
  • Knowledge of LANs, WANs, SANs, Microsoft Active Directory, Microsoft Windows server and desktop operating systems, Linux operating systems, Microsoft IIS, Microsoft SQL, and Oracle.
  • Expertise in technology platforms, tools and processes used in the healthcare environment required.
  • Expertise of enterprise architecture, IT operations and security required.
  • Experience with secure coding practices, ethical hacking and threat modeling
  • Experience with project management
  • In-depth knowledge of applicable laws and regulations as they relate to IT and healthcare required, including HIPAA, NIST, GLBA, ISO 27001/27002, HITRUST and SOC 2 frameworks.
  • Demonstrate the initiative to continuously stay apprised of emerging security threats and the general information security landscape.
  • Experience in performing log collection, correlation, and reviews of automated alerts for items such as, and not limited to: malware alerts, change detection alerts, and security system health alerts, exploit attempt alerts, etc.
  • In-depth understanding of a variety of network and application attacks.

About Internet Brands:

Headquartered in El Segundo, Calif., Internet Brands® is a fully integrated online media and software services organization focused on four high-value vertical categories: Health, Automotive, Legal, and Home/Travel. The company's award-winning consumer websites lead their categories and serve more than 250 million monthly visitors, while a full range of web presence offerings has established deep, long-term relationships with SMB and enterprise clients. Internet Brands' powerful, proprietary operating platform provides the flexibility and scalability to fuel the company's continued growth. Internet Brands is a portfolio company of KKR and Temasek. For more information, please visit www.internetbrands.com.

Internet Brands and its wholly-owned affiliates are an equal opportunity employer.