Information Security Analyst (american project)

We are looking for skilled IT Security Analyst for our client - small company with startup culture.

This unique position requires you to join a growing team in Bratislava (Slovakia) reporting to one of major U.S. clients, an innovative health insurance company.
Cyberattacks are on the increase and so are your responsibilities.
We expect you to be the security evangelist who helps support our client’s information security program, provides day-to-day management, supports hands-on execution of security projects, and provides security advice and guidance.

This includes:
• Developing and implementing effective policies and practices to protect sensitive customer data and corporate assets.
• Ensuring compliance with security standards, governmental regulations, and company policies through development and management of training programs and periodic security audits.
• Providing input to assess and evaluate information security risks and monitor compliance with security standards and appropriate policies.
• Keeping abreast of security incidents and assisting in issue management during significant information security incidents.
• Examining impacts of new technologies on the company’s overall information security; establishing processes to review the implementation of new technologies to ensure security compliance. • Assisting in configurations for products in the security toolkit.
• Providing accurate and timely reporting on all project deliverables.
• Managing all partner and customer security needs during the RFP process, technical due diligence, or as part of ongoing interactions.
• Assisting in internal and external audits to ensure adequate controls are in place to support ISO 27001 and HITRUST compliance certifications.

Personality requirements and skills
• Knowledge of network-based and system-level attacks and mitigation methods, as well as knowledge of application level attacks; especially web applications and their mitigation methods.
• Excellent communicator who can effectively work with all management teams and articulate security-related concepts to a broad range of technical and non-technical staff.
• Experience conducting and/or assisting with formal audits in support of an Information Security Management System or certifications.
• Experience with business continuity planning, auditing, and risk management, as well as third-party security management.
• Ability to effectively evaluate security and compliance requirements, understand their impact on the business, and design creative security solutions that are not disruptive to the business.
• Understanding of firewalls, encryption PKI, Intrusion Detection Systems, Security Information and Event Management (SIEM), Data Loss Prevention (DLP), Web Application Firewalls, Advanced Malware Defenses, DDOS Prevention, Application Whitelisting and Network Packet Capture Solutions.
• Knowledge of vulnerability and endpoint protection tools.
• Minimum of 1-2 years of directly supporting an information security management program.
• Minimum of 3 years of cumulative experience in at least two security specific domains.
• 3-5 years of prior experience in a hands-on IT operational role such as network or systems engineering is a nice-to-have. • BS or MS in Computer Science, Information Systems or related field.
• Professional certifications such as SSCP, CISSP, CISM or CISA is a nice to have
• Experience with HIPAA , HITRUST , ISO 27001 , PCI-DSS , SOC2 reporting or SOX compliance is a strong plus.

Information technology, computer programming, web portals

Our client is provider of software solutions for different (mostly american) customers.