Principal Security Analyst

World Fuel Services Corporation • Miami, FL 33196

Posted 2 weeks ago

Job Description

At World Fuel Services, our employees are the key to our global success.We are industry leaders due to the innumerable talents of our approximately 5000- strong professional team. Our people thrive in an entrepreneurial and culturally-diverse environment, where innovative thinking, collaboration and efficient execution are highly valued. Our high-performance culture is what allows us to drive sustained growth. Stronger together, we promote an environment where individuals can thrive.

When you click 'Apply', you will need to click on 'Create Account'. By creating an account, you will be able to view your applications and their statuses. Your password must contain 1 upper case letter, 1 number, and 1 special character.

World Fuel Services is an equal opportunity employer committed to a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin or any other characteristic protected by law.

WFS is seeking an experienced Information Security Professional to work as part of its Information Security Team. This position is a hands-on security role focused on controls/policies/SOP design, update and implementation. The position works with project groups internal to the enterprise-wide infrastructure operations and networks.

This is an individual contributor position. The position defines and delivers complex IT work products at agreed deadlines. The position requires limited supervision and works mostly independently.

Typical tasks and work products include:

* Monitor the compliance of Information Security programs, policies, procedures and systems to satisfy company policy, regulatory, compliance requirements and to protect the company's technology and informational assets.

* Design, implement, and maintain security monitoring, data loss prevention, and other security owned systems.

* Continuously identify, evaluate, rate, and report internal and external threats to the company's information security posture. Evaluate, recommend and implement reasonable security systems and/or procedures to mitigate identified threats.

* Prepare and publish Information Security reports as directed by management.

* Act as security SME for WFS by providing best practice guidance on how systems should be deployed or architected (i.e. Understand IT Operations such as firewalls, active directory, server/workstation hardening, patching, and encryption)

* Perform periodic risk and vulnerability assessments of critical systems and infrastructure to assess the information security risks to the Company. Recommend mitigating controls or procedures to eliminate or minimize identified risks.

* Promote information security awareness by developing, maintaining, and delivering information security

* awareness programs together with Corporate Training.

* Represent information security considerations in approved System Development LifeCycle, Change Management, Production Support and technology-enabled projects.

* Support the cause of Information Security throughout the company by actively participating as a trusted information security advisor to WFS.

* Monitor changes in the technical, legal and regulatory arenas affecting Information Security, alert management accordingly.

Required Exprience:

* Must have 10+ yrs experience within an IT Department working in a similar capacity to the job description above.

* Understanding of Information Security processes and principles.

* Hands-on security control architecture and design, infosec solutions engineering, implementation and service delivery.

* Enterprise architecture lock-downs, UI/n-tier applications dev, app servers, database, webservers, integration servers and middleware security knowledge and risk management.

* Experience with performing risk assessments

* Strong documentation skills

* Understanding of contingency planning, including Continuity of Operations Plans (COOP) and Disaster Recovery Plans (DRP)

* Must have a thorough understanding of the following technologies:

* Familiarity with Python and JSON or similar scripting languages, desirable, but not required.

* Firewalls, protocol analysis, SIEMs, malware protection

* Encryption algorithms and methods

* Cisco Syslog and Firewall walkthrough experience.

* Windows Event log auditing.

* Unix Log auditing.

* Intrusion detection and response experience.

* Systems Monitoring Experience.

* Penetration testing.

* Incident response.

* Forensic analysis

* #LICM1


Sign Up for Daily Job Alerts.

Thank You

You will receive your first job alert within 24 hours.

Similar Jobs

    Browse Jobs | Terms & Conditions | Privacy Policy | Unsubscribe
    POWERED BY