Share this Job
Apply now »

Cyber Threat - Principal Information Security Analyst

Date:  Sep 23, 2021
Req ID:  44749
Remote Position:  Yes
Country:  US
Line of Business:  VSP Vision Care
Division:  Information Technology

VSP Global is comprised of five complementary businesses that combine high-quality eye care insurance, high-fashion eyewear, customized lenses, ophthalmic technology and retail solutions, with employees in over 23 countries. No matter the role, we’re all focused on a singular mission: to help people see. Learn more by visiting https://vspglobal.com/cms/careers/

General Summary

Act as a subject matter expert concerning complex information security technology, topics, and issues. Perform highly technical and complex, specialized duties in the areas of security management, risk management, incident management, and/or vulnerability management. Identify and direct information security programs and technology implementations to remediate or mitigate security issues.

Essential Functions

Define, evaluate, justify and drive and information security controls and technology to ensure the protection of the organization’s information assets.

 

Use a strategic approach to define current and future capability requirements. Prioritize and drive execution to that roadmap. Update and communicate it regularly with CISO and other high-level stakeholders.

 

Use extensive cyber-security background to review current security posture across all lines of business.

 

Conduct security project meetings to identify gaps and recommend security enhancements to ensure security requirements are integrated and implemented.

 

Lead Architecture, Infrastructure and Technology teams to review existing capabilities and recommend security enhancements.

 

Update and validate information security policies, standards and procedures to ensure they support the goals of the Information Security Program.

 

Support detailed risk analysis and risk assessment to identify, mitigate and control risks to infrastructure, information systems, and data.

 

Assist in third party evaluations to ensure that their technology environment appropriately protects shared data, that contracts have the appropriate security requirements, and that those requirements are met through regular audits and assessments.

 

Document and lead automation of security incident management practices to ensure all incidents are diagnosed, logged, escalated, and closed to its final resolution.

 

Monitor and report changes in threat dispositions, activities, tactics, capabilities, objectives, etc. as related to designated cyber operations.

 

Provide current intelligence support to critical internal/external stakeholders as appropriate.

 

Lead Threat Analysis across VSP Global Enterprise (Insurance, Retail, Health Care Provider, SaaS software solutions and Manufacturing businesses).

 

Identify and justify automation efforts to improve security posture without increasing cost.

 

Actively hunt threats using threat intelligence and knowledge of the environment.


Lead Information security technical incident response.

 

Monitor changes in threat landscape, identify trends for future threat analysis to ensure security controls are in place to meet threats when they arise in the VSP business environment.

Job Specifications

Typically has the following skills or abilities:

 

Bachelor’s Degree in Computer Science, Electrical Engineering, or related field or equivalent experience

 

12 years of hands-on technical information security experience in threat and vulnerability analysis, threat hunting, and/or security incident response

 

Minimum 4 years IT experience with a focus on systems engineering. Private and Public Cloud security experience is highly preferred

 

Technical Security certification like SANS GIAC-type certification(s)

 

Advanced knowledge of security principles and technologies

 

Strong verbal and written communications skills that can be applied to all levels of an organization from the CTO to a deskside technician

 

Proven ability to communicate using slides, documents, and spreadsheets

 

Ability to regularly exercise discretion and independent judgment in the performance of job duties

 

Data analysis as it relates to security event logging and monitoring with the ability to demonstrate effectiveness hunting in a complex environment

#LI-REMOTE

Preferred Skills

Certified Cyber Threat Hunting Professional (CCTHP)


Leadership Skills


Malware Analysis


Pattern Recognition


Data Forensics


SIEM/SOAR Alert/Workflow Creation

Working Conditions / Physical Demands

The working environment is generally favorable. Lighting and temperature are adequate, and there are no hazardous or unpleasant conditions caused by noise, dust etc.

The above information in this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.

VSP Global is an equal opportunity employer and gives consideration for employment to qualified applicants without regard to age, gender, race, color, religion, sex, national origin, gender identity, sexual orientation, disability or protected veteran status.  We maintain a drug-free workplace and perform pre-employment substance abuse testing.


Nearest Major Market: Chicago

Job Segment: Information Security, Ophthalmic, Information Systems, Risk Management, Computer Science, Technology, Healthcare, Finance

Apply now »