Security Analyst

  • location: Madison, WI
  • type: Contract
easy apply

job description

Security Analyst

job summary:
The Information Security Compliance and Governance Senior Analyst works with management and team members in developing strategy and building out our Information Security compliance model and programs, and monitoring and reporting on the company's information security compliance posture to aid in the protection of the Company's customer and enterprise data. Responsibilities include representing information security in collaboration with Internal Audit, compliance teams, Financial Controls Reporting, Sourcing, and other departments in building and communicating our security compliance model and programs. The senior analyst collaborates with other members of the Security Compliance & Governance Unit and the IT Security Department, and has strong depth of knowledge in most primary accountabilities. The person ensures adequate and effective security controls are documented and followed in support of compliance and data security requirements, and partners with internal teams to manage control oversight, testing, gap analysis, and remediation tracking. Work includes risk assessments, supplier assessments, security contract negotiations, security awareness communications, facilitation of internal and external audits, and preparation of audit reports for review by Security Management.

Information Security Governance

Information Security Policies and Standards

  • Documents and communicates security policies, standards, guidelines, and procedures. Ensure documentation is complete, up-to-date, and applicable to our environment. These may include user authentication rules, security auditing procedures, and use of firewalls.
  • Evaluates current and potential legal and regulatory requirements affecting information security and privacy that impact company environment and practices.
  • Stays abreast of information security trends, methods, solutions, standards, and potential threats.
  • Represents Client 's interests in information security to external standards setting bodies and organizations.
  • Has knowledge of standards setting bodies such as NIST and ISO and is able to map policies, technologies, processes, and accountabilities to controls.
  • Develops and delivers information security risk assessments of internal and supplier environments.
  • Participates in the development of the strategies roadmap to address identified information security risks.
Information Security Communications

  • Promotes the values and benefits of complying with security policies and standards.
  • Leads the communication of Information Security policies.
  • Builds out and leads comprehensive Security Awareness Program with relevant content based on worker relationship to company.
  • Coordinates and conducts Information Security awareness events.
  • Provides facilitation services by identifying appropriate stakeholders for discussion, coordinating the meetings, and leading the discussions to the appropriate resolution.
  • Coordinates communication responses for high-profile security incidents or breaches.
  • Creates meaningful security content for web, email and other communication methods for the enterprise.
  • Drafts communications to enterprise workers for timely security awareness communication appropriate to changing threats and trends.
Information Security Metrics

  • Establishes security metric baselines and generates reports reflecting current performance against those baselines.
  • Measures and tracks performance against established goals and expectations
  • Completes a narrative summary and analysis of the metrics; what the numbers mean, what changes in the technology or security environment may have impacted the numbers, and what can be changed to correct any deficiencies.
  • Proactively researches new threats or trends to determine impact to our environment.
Information Security Compliance and Controls

Information Security Compliance

  • Maintains inventory of privacy and breach notification requirements across operating states and other regulatory bodies. Works with Legal in reviewing and providing comments to pending legislation.
  • Reviews security policies and standards for compliance to legal and regulatory requirements. Works with subject matter experts to maintain documentation; modifies or creates new security documentation as needed.
  • Confirms security controls meet legal and regulatory requirements.
  • Monitors and enforces compliance with security policies and standards across the organization.
  • Documents and tracks requests for exception to policies and standards. Monitors and communicates risk mitigation processes and progress toward remediation.
  • Maintains processes and methods for addressing and/or acknowledging non-compliance to information security policies and standards. Assesses and documents the risks and potential and real costs of non-compliance.
  • Reviews contracts for new products or services to ensure alignment to company security policies and standards.
  • Develops and communicates guidelines for enterprise security practices.
  • Evaluates, documents, and communicates security risk of internal and third party supplier environments and provides recommendations toward remediation.
Security Contract Reviews / Data Security Exhibits

  • Reviews redlined Data Security Exhibits (DSEs) submitted by third party suppliers and negotiates terms to ensure protections are in place commensurate to the amount of access to our systems and data.
  • Identifies and recommends critical third party suppliers for regular security assessments to validate compliance with negotiated DSEs.
  • Performs security assessments of existing third party suppliers to confirm compliance to agreed-upon terms.
  • Tracks DSE negotiation progress and provides metrics of the program.
Internal and External Audit

  • Coordinates development and management of the information security controls strategy and plan. Partners with the corporate Internal Audit and Financial Controls Reporting units to ensure alignment with the corporate internal controls strategy and plan.
  • Maintains document repository, workflow and reporting systems that facilitate the effective and efficient monitoring, managing and reporting of security controls operation.
  • Performs and facilitates risk assessments with division technology groups. Partners with technology groups, internal audit, and financial controls reporting to define and document controls.
  • Develops risk control matrix and control test plans for testing direct and complementary security controls in accordance with legal, regulatory and contractual requirements.
  • Executes control testing and documents results. Works with process owners to develop mitigation actions and follows up to ensure remediation steps are taken to completion.
  • Proactively consults in the design and operation of controls to reduce security, financial, and operational risk; identifies opportunities to continuously improve control effectiveness and efficiency and reduce the cost of controls.
  • Drafts management responses to audit findings and is liaison with the internal and external auditors during audit planning, performance and reporting.
Electronic Discovery

  • Is well-versed in the Electronic Discovery Reference Model (EDRM) and defines procedures in accordance to the model that align with Legal and business requirements.
  • Executes the electronic discovery process in accordance with internally defined processes, including the identification, collection, preservation and release of evidence to support or refute the facts and allegations of investigations and litigation. Consults with internal and external counsel in addition to other impacted areas within the corporation.
  • Communicates with all levels of management as appropriate on status and resolution of electronic discovery requests.
  • Documents and shares with team electronic records retention trends, methods, solutions, and standards.
  • Documents and shares with team emerging legislation regarding record retention and privacy.
Specialized Knowledge and Skills Requirements

  • Demonstrated experience providing customer-driven solutions, support or service
  • Solid knowledge and understanding of concepts and philosophies regarding the design and deployment of information technologies and associated architectural concepts, principles and tools.
  • Demonstrated experience in the development of organizational policies and practices.
  • Solid knowledge and understanding of end-user computing tools, hardware, application software, network, communications and mobile technologies.
  • Solid knowledge and understanding of information security policies, standards and processes.
  • Solid knowledge and understanding of how information security affects an organization and has the ability to link it to business processes.
  • Solid knowledge and understanding of audit standards, practices and control frameworks.
  • Solid knowledge and understanding of risk assessment and control methods.
  • Solid knowledge and understanding of electronic record retention policies and standards
  • Strong communication skills, verbal and written, including ability to communicate to broad spectrum of people of diverse IT and IT Security backgrounds.
  • Strong presentation skills.
  • Strong creative and conceptual mindset to build out security awareness campaigns and presentations.
 
location: Madison, Wisconsin
job type: Contract
work hours: 9am to 5pm
education: Bachelors
 
responsibilities:
The Information Security Compliance and Governance Senior Analyst works with management and team members in developing strategy and building out our Information Security compliance model and programs, and monitoring and reporting on the company's information security compliance posture to aid in the protection of the Company's customer and enterprise data. Responsibilities include representing information security in collaboration with Internal Audit, compliance teams, Financial Controls Reporting, Sourcing, and other departments in building and communicating our security compliance model and programs. The senior analyst collaborates with other members of the Security Compliance & Governance Unit and the IT Security Department, and has strong depth of knowledge in most primary accountabilities. The person ensures adequate and effective security controls are documented and followed in support of compliance and data security requirements, and partners with internal teams to manage control oversight, testing, gap analysis, and remediation tracking. Work includes risk assessments, supplier assessments, security contract negotiations, security awareness communications, facilitation of internal and external audits, and preparation of audit reports for review by Security Management.

Information Security Governance

Information Security Policies and Standards

  • Documents and communicates security policies, standards, guidelines, and procedures. Ensure documentation is complete, up-to-date, and applicable to our environment. These may include user authentication rules, security auditing procedures, and use of firewalls.
  • Evaluates current and potential legal and regulatory requirements affecting information security and privacy that impact company environment and practices.
  • Stays abreast of information security trends, methods, solutions, standards, and potential threats.
  • Represents Client 's interests in information security to external standards setting bodies and organizations.
  • Has knowledge of standards setting bodies such as NIST and ISO and is able to map policies, technologies, processes, and accountabilities to controls.
  • Develops and delivers information security risk assessments of internal and supplier environments.
  • Participates in the development of the strategies roadmap to address identified information security risks.
Information Security Communications

  • Promotes the values and benefits of complying with security policies and standards.
  • Leads the communication of Information Security policies.
  • Builds out and leads comprehensive Security Awareness Program with relevant content based on worker relationship to company.
  • Coordinates and conducts Information Security awareness events.
  • Provides facilitation services by identifying appropriate stakeholders for discussion, coordinating the meetings, and leading the discussions to the appropriate resolution.
  • Coordinates communication responses for high-profile security incidents or breaches.
  • Creates meaningful security content for web, email and other communication methods for the enterprise.
  • Drafts communications to enterprise workers for timely security awareness communication appropriate to changing threats and trends.
Information Security Metrics

  • Establishes security metric baselines and generates reports reflecting current performance against those baselines.
  • Measures and tracks performance against established goals and expectations
  • Completes a narrative summary and analysis of the metrics; what the numbers mean, what changes in the technology or security environment may have impacted the numbers, and what can be changed to correct any deficiencies.
  • Proactively researches new threats or trends to determine impact to our environment.
Information Security Compliance and Controls

Information Security Compliance

  • Maintains inventory of privacy and breach notification requirements across operating states and other regulatory bodies. Works with Legal in reviewing and providing comments to pending legislation.
  • Reviews security policies and standards for compliance to legal and regulatory requirements. Works with subject matter experts to maintain documentation; modifies or creates new security documentation as needed.
  • Confirms security controls meet legal and regulatory requirements.
  • Monitors and enforces compliance with security policies and standards across the organization.
  • Documents and tracks requests for exception to policies and standards. Monitors and communicates risk mitigation processes and progress toward remediation.
  • Maintains processes and methods for addressing and/or acknowledging non-compliance to information security policies and standards. Assesses and documents the risks and potential and real costs of non-compliance.
  • Reviews contracts for new products or services to ensure alignment to company security policies and standards.
  • Develops and communicates guidelines for enterprise security practices.
  • Evaluates, documents, and communicates security risk of internal and third party supplier environments and provides recommendations toward remediation.
Security Contract Reviews / Data Security Exhibits

  • Reviews redlined Data Security Exhibits (DSEs) submitted by third party suppliers and negotiates terms to ensure protections are in place commensurate to the amount of access to our systems and data.
  • Identifies and recommends critical third party suppliers for regular security assessments to validate compliance with negotiated DSEs.
  • Performs security assessments of existing third party suppliers to confirm compliance to agreed-upon terms.
  • Tracks DSE negotiation progress and provides metrics of the program.
Internal and External Audit

  • Coordinates development and management of the information security controls strategy and plan. Partners with the corporate Internal Audit and Financial Controls Reporting units to ensure alignment with the corporate internal controls strategy and plan.
  • Maintains document repository, workflow and reporting systems that facilitate the effective and efficient monitoring, managing and reporting of security controls operation.
  • Performs and facilitates risk assessments with division technology groups. Partners with technology groups, internal audit, and financial controls reporting to define and document controls.
  • Develops risk control matrix and control test plans for testing direct and complementary security controls in accordance with legal, regulatory and contractual requirements.
  • Executes control testing and documents results. Works with process owners to develop mitigation actions and follows up to ensure remediation steps are taken to completion.
  • Proactively consults in the design and operation of controls to reduce security, financial, and operational risk; identifies opportunities to continuously improve control effectiveness and efficiency and reduce the cost of controls.
  • Drafts management responses to audit findings and is liaison with the internal and external auditors during audit planning, performance and reporting.
Electronic Discovery

  • Is well-versed in the Electronic Discovery Reference Model (EDRM) and defines procedures in accordance to the model that align with Legal and business requirements.
  • Executes the electronic discovery process in accordance with internally defined processes, including the identification, collection, preservation and release of evidence to support or refute the facts and allegations of investigations and litigation. Consults with internal and external counsel in addition to other impacted areas within the corporation.
  • Communicates with all levels of management as appropriate on status and resolution of electronic discovery requests.
  • Documents and shares with team electronic records retention trends, methods, solutions, and standards.
  • Documents and shares with team emerging legislation regarding record retention and privacy.
Specialized Knowledge and Skills Requirements

  • Demonstrated experience providing customer-driven solutions, support or service
  • Solid knowledge and understanding of concepts and philosophies regarding the design and deployment of information technologies and associated architectural concepts, principles and tools.
  • Demonstrated experience in the development of organizational policies and practices.
  • Solid knowledge and understanding of end-user computing tools, hardware, application software, network, communications and mobile technologies.
  • Solid knowledge and understanding of information security policies, standards and processes.
  • Solid knowledge and understanding of how information security affects an organization and has the ability to link it to business processes.
  • Solid knowledge and understanding of audit standards, practices and control frameworks.
  • Solid knowledge and understanding of risk assessment and control methods.
  • Solid knowledge and understanding of electronic record retention policies and standards
  • Strong communication skills, verbal and written, including ability to communicate to broad spectrum of people of diverse IT and IT Security backgrounds.
  • Strong presentation skills.
  • Strong creative and conceptual mindset to build out security awareness campaigns and presentations.
 
qualifications:
The Information Security Compliance and Governance Senior Analyst works with management and team members in developing strategy and building out our Information Security compliance model and programs, and monitoring and reporting on the company's information security compliance posture to aid in the protection of the Company's customer and enterprise data. Responsibilities include representing information security in collaboration with Internal Audit, compliance teams, Financial Controls Reporting, Sourcing, and other departments in building and communicating our security compliance model and programs. The senior analyst collaborates with other members of the Security Compliance & Governance Unit and the IT Security Department, and has strong depth of knowledge in most primary accountabilities. The person ensures adequate and effective security controls are documented and followed in support of compliance and data security requirements, and partners with internal teams to manage control oversight, testing, gap analysis, and remediation tracking. Work includes risk assessments, supplier assessments, security contract negotiations, security awareness communications, facilitation of internal and external audits, and preparation of audit reports for review by Security Management.

Information Security Governance

Information Security Policies and Standards

  • Documents and communicates security policies, standards, guidelines, and procedures. Ensure documentation is complete, up-to-date, and applicable to our environment. These may include user authentication rules, security auditing procedures, and use of firewalls.
  • Evaluates current and potential legal and regulatory requirements affecting information security and privacy that impact company environment and practices.
  • Stays abreast of information security trends, methods, solutions, standards, and potential threats.
  • Represents Client 's interests in information security to external standards setting bodies and organizations.
  • Has knowledge of standards setting bodies such as NIST and ISO and is able to map policies, technologies, processes, and accountabilities to controls.
  • Develops and delivers information security risk assessments of internal and supplier environments.
  • Participates in the development of the strategies roadmap to address identified information security risks.
Information Security Communications

  • Promotes the values and benefits of complying with security policies and standards.
  • Leads the communication of Information Security policies.
  • Builds out and leads comprehensive Security Awareness Program with relevant content based on worker relationship to company.
  • Coordinates and conducts Information Security awareness events.
  • Provides facilitation services by identifying appropriate stakeholders for discussion, coordinating the meetings, and leading the discussions to the appropriate resolution.
  • Coordinates communication responses for high-profile security incidents or breaches.
  • Creates meaningful security content for web, email and other communication methods for the enterprise.
  • Drafts communications to enterprise workers for timely security awareness communication appropriate to changing threats and trends.
Information Security Metrics

  • Establishes security metric baselines and generates reports reflecting current performance against those baselines.
  • Measures and tracks performance against established goals and expectations
  • Completes a narrative summary and analysis of the metrics; what the numbers mean, what changes in the technology or security environment may have impacted the numbers, and what can be changed to correct any deficiencies.
  • Proactively researches new threats or trends to determine impact to our environment.
Information Security Compliance and Controls

Information Security Compliance

  • Maintains inventory of privacy and breach notification requirements across operating states and other regulatory bodies. Works with Legal in reviewing and providing comments to pending legislation.
  • Reviews security policies and standards for compliance to legal and regulatory requirements. Works with subject matter experts to maintain documentation; modifies or creates new security documentation as needed.
  • Confirms security controls meet legal and regulatory requirements.
  • Monitors and enforces compliance with security policies and standards across the organization.
  • Documents and tracks requests for exception to policies and standards. Monitors and communicates risk mitigation processes and progress toward remediation.
  • Maintains processes and methods for addressing and/or acknowledging non-compliance to information security policies and standards. Assesses and documents the risks and potential and real costs of non-compliance.
  • Reviews contracts for new products or services to ensure alignment to company security policies and standards.
  • Develops and communicates guidelines for enterprise security practices.
  • Evaluates, documents, and communicates security risk of internal and third party supplier environments and provides recommendations toward remediation.
Security Contract Reviews / Data Security Exhibits

  • Reviews redlined Data Security Exhibits (DSEs) submitted by third party suppliers and negotiates terms to ensure protections are in place commensurate to the amount of access to our systems and data.
  • Identifies and recommends critical third party suppliers for regular security assessments to validate compliance with negotiated DSEs.
  • Performs security assessments of existing third party suppliers to confirm compliance to agreed-upon terms.
  • Tracks DSE negotiation progress and provides metrics of the program.
Internal and External Audit

  • Coordinates development and management of the information security controls strategy and plan. Partners with the corporate Internal Audit and Financial Controls Reporting units to ensure alignment with the corporate internal controls strategy and plan.
  • Maintains document repository, workflow and reporting systems that facilitate the effective and efficient monitoring, managing and reporting of security controls operation.
  • Performs and facilitates risk assessments with division technology groups. Partners with technology groups, internal audit, and financial controls reporting to define and document controls.
  • Develops risk control matrix and control test plans for testing direct and complementary security controls in accordance with legal, regulatory and contractual requirements.
  • Executes control testing and documents results. Works with process owners to develop mitigation actions and follows up to ensure remediation steps are taken to completion.
  • Proactively consults in the design and operation of controls to reduce security, financial, and operational risk; identifies opportunities to continuously improve control effectiveness and efficiency and reduce the cost of controls.
  • Drafts management responses to audit findings and is liaison with the internal and external auditors during audit planning, performance and reporting.
Electronic Discovery

  • Is well-versed in the Electronic Discovery Reference Model (EDRM) and defines procedures in accordance to the model that align with Legal and business requirements.
  • Executes the electronic discovery process in accordance with internally defined processes, including the identification, collection, preservation and release of evidence to support or refute the facts and allegations of investigations and litigation. Consults with internal and external counsel in addition to other impacted areas within the corporation.
  • Communicates with all levels of management as appropriate on status and resolution of electronic discovery requests.
  • Documents and shares with team electronic records retention trends, methods, solutions, and standards.
  • Documents and shares with team emerging legislation regarding record retention and privacy.
Specialized Knowledge and Skills Requirements

  • Demonstrated experience providing customer-driven solutions, support or service
  • Solid knowledge and understanding of concepts and philosophies regarding the design and deployment of information technologies and associated architectural concepts, principles and tools.
  • Demonstrated experience in the development of organizational policies and practices.
  • Solid knowledge and understanding of end-user computing tools, hardware, application software, network, communications and mobile technologies.
  • Solid knowledge and understanding of information security policies, standards and processes.
  • Solid knowledge and understanding of how information security affects an organization and has the ability to link it to business processes.
  • Solid knowledge and understanding of audit standards, practices and control frameworks.
  • Solid knowledge and understanding of risk assessment and control methods.
  • Solid knowledge and understanding of electronic record retention policies and standards
  • Strong communication skills, verbal and written, including ability to communicate to broad spectrum of people of diverse IT and IT Security backgrounds.
  • Strong presentation skills.
  • Strong creative and conceptual mindset to build out security awareness campaigns and presentations.
 
skills: The Information Security Compliance and Governance Senior Analyst works with management and team members in developing strategy and building out our Information Security compliance model and programs, and monitoring and reporting on the company's information security compliance posture to aid in the protection of the Company's customer and enterprise data. Responsibilities include representing information security in collaboration with Internal Audit, compliance teams, Financial Controls Reporting, Sourcing, and other departments in building and communicating our security compliance model and programs. The senior analyst collaborates with other members of the Security Compliance & Governance Unit and the IT Security Department, and has strong depth of knowledge in most primary accountabilities. The person ensures adequate and effective security controls are documented and followed in support of compliance and data security requirements, and partners with internal teams to manage control oversight, testing, gap analysis, and remediation tracking. Work includes risk assessments, supplier assessments, security contract negotiations, security awareness communications, facilitation of internal and external audits, and preparation of audit reports for review by Security Management.

Information Security Governance

Information Security Policies and Standards

  • Documents and communicates security policies, standards, guidelines, and procedures. Ensure documentation is complete, up-to-date, and applicable to our environment. These may include user authentication rules, security auditing procedures, and use of firewalls.
  • Evaluates current and potential legal and regulatory requirements affecting information security and privacy that impact company environment and practices.
  • Stays abreast of information security trends, methods, solutions, standards, and potential threats.
  • Represents Client 's interests in information security to external standards setting bodies and organizations.
  • Has knowledge of standards setting bodies such as NIST and ISO and is able to map policies, technologies, processes, and accountabilities to controls.
  • Develops and delivers information security risk assessments of internal and supplier environments.
  • Participates in the development of the strategies roadmap to address identified information security risks.
Information Security Communications

  • Promotes the values and benefits of complying with security policies and standards.
  • Leads the communication of Information Security policies.
  • Builds out and leads comprehensive Security Awareness Program with relevant content based on worker relationship to company.
  • Coordinates and conducts Information Security awareness events.
  • Provides facilitation services by identifying appropriate stakeholders for discussion, coordinating the meetings, and leading the discussions to the appropriate resolution.
  • Coordinates communication responses for high-profile security incidents or breaches.
  • Creates meaningful security content for web, email and other communication methods for the enterprise.
  • Drafts communications to enterprise workers for timely security awareness communication appropriate to changing threats and trends.
Information Security Metrics

  • Establishes security metric baselines and generates reports reflecting current performance against those baselines.
  • Measures and tracks performance against established goals and expectations
  • Completes a narrative summary and analysis of the metrics; what the numbers mean, what changes in the technology or security environment may have impacted the numbers, and what can be changed to correct any deficiencies.
  • Proactively researches new threats or trends to determine impact to our environment.
Information Security Compliance and Controls

Information Security Compliance

  • Maintains inventory of privacy and breach notification requirements across operating states and other regulatory bodies. Works with Legal in reviewing and providing comments to pending legislation.
  • Reviews security policies and standards for compliance to legal and regulatory requirements. Works with subject matter experts to maintain documentation; modifies or creates new security documentation as needed.
  • Confirms security controls meet legal and regulatory requirements.
  • Monitors and enforces compliance with security policies and standards across the organization.
  • Documents and tracks requests for exception to policies and standards. Monitors and communicates risk mitigation processes and progress toward remediation.
  • Maintains processes and methods for addressing and/or acknowledging non-compliance to information security policies and standards. Assesses and documents the risks and potential and real costs of non-compliance.
  • Reviews contracts for new products or services to ensure alignment to company security policies and standards.
  • Develops and communicates guidelines for enterprise security practices.
  • Evaluates, documents, and communicates security risk of internal and third party supplier environments and provides recommendations toward remediation.
Security Contract Reviews / Data Security Exhibits

  • Reviews redlined Data Security Exhibits (DSEs) submitted by third party suppliers and negotiates terms to ensure protections are in place commensurate to the amount of access to our systems and data.
  • Identifies and recommends critical third party suppliers for regular security assessments to validate compliance with negotiated DSEs.
  • Performs security assessments of existing third party suppliers to confirm compliance to agreed-upon terms.
  • Tracks DSE negotiation progress and provides metrics of the program.
Internal and External Audit

  • Coordinates development and management of the information security controls strategy and plan. Partners with the corporate Internal Audit and Financial Controls Reporting units to ensure alignment with the corporate internal controls strategy and plan.
  • Maintains document repository, workflow and reporting systems that facilitate the effective and efficient monitoring, managing and reporting of security controls operation.
  • Performs and facilitates risk assessments with division technology groups. Partners with technology groups, internal audit, and financial controls reporting to define and document controls.
  • Develops risk control matrix and control test plans for testing direct and complementary security controls in accordance with legal, regulatory and contractual requirements.
  • Executes control testing and documents results. Works with process owners to develop mitigation actions and follows up to ensure remediation steps are taken to completion.
  • Proactively consults in the design and operation of controls to reduce security, financial, and operational risk; identifies opportunities to continuously improve control effectiveness and efficiency and reduce the cost of controls.
  • Drafts management responses to audit findings and is liaison with the internal and external auditors during audit planning, performance and reporting.
Electronic Discovery

  • Is well-versed in the Electronic Discovery Reference Model (EDRM) and defines procedures in accordance to the model that align with Legal and business requirements.
  • Executes the electronic discovery process in accordance with internally defined processes, including the identification, collection, preservation and release of evidence to support or refute the facts and allegations of investigations and litigation. Consults with internal and external counsel in addition to other impacted areas within the corporation.
  • Communicates with all levels of management as appropriate on status and resolution of electronic discovery requests.
  • Documents and shares with team electronic records retention trends, methods, solutions, and standards.
  • Documents and shares with team emerging legislation regarding record retention and privacy.
Specialized Knowledge and Skills Requirements

  • Demonstrated experience providing customer-driven solutions, support or service
  • Solid knowledge and understanding of concepts and philosophies regarding the design and deployment of information technologies and associated architectural concepts, principles and tools.
  • Demonstrated experience in the development of organizational policies and practices.
  • Solid knowledge and understanding of end-user computing tools, hardware, application software, network, communications and mobile technologies.
  • Solid knowledge and understanding of information security policies, standards and processes.
  • Solid knowledge and understanding of how information security affects an organization and has the ability to link it to business processes.
  • Solid knowledge and understanding of audit standards, practices and control frameworks.
  • Solid knowledge and understanding of risk assessment and control methods.
  • Solid knowledge and understanding of electronic record retention policies and standards
  • Strong communication skills, verbal and written, including ability to communicate to broad spectrum of people of diverse IT and IT Security backgrounds.
  • Strong presentation skills.
  • Strong creative and conceptual mindset to build out security awareness campaigns and presentations.

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

easy apply

get jobs in your inbox.

sign up
{{returnMsg}}

related jobs