Doxim is the customer communications and engagement technology leader serving financial and regulated industries. Our platform with its suite of integrated, SaaS software and document technology solutions helps clients digitize operations, improve efficiency, and modernize customer experience. With Doxim, clients can communicate reliably and effectively, improve cross-sell and upsell opportunities, and drive increased loyalty and wallet share through personalized omnichannel communications.
Job Description: The Security Analyst's primary responsibility is to monitor all information security tools and systems for unusual and unauthorized activity, as well as Indicators of Compromise (IoC). These systems must also be maintained and managed. The hands-on control of security for an international company and management of Security systems.
Responsibilities: Ensure that security principles are maintained and adhered to by all employees.Monitor all security tools for any security-related incidents which might occur.Investigate and report identified incidents.Provide content creation and tuning policies to ensure that Doxim is aware of and protected from known security vulnerabilities and threat actors.Effectively manage reported system, application, and device vulnerabilities through remediation and maintenance in adherence with incident response procedures.Communicate with various teams for remediation.Incident Management and Response: Raise and log security incidents as they occur.Participate in an incident response team and triage.Assess security incidents quickly and effectively and communicate a course of action to Regional Security SMEs.Compile and maintain information security incident reports to meet audit and legal requirements.Conduct root cause analysis to identify gaps and recommendations, ultimately remediating risks to the organization.Security Management and Improvement: Maintain all security governance documents, technical controls, and processes that support the security strategy/solutions.Develop and optimize processes to improve security threat identification and remediation.Maintain an active understanding of industry practices for threat analytics and incident response.Assist developers in secure coding best practices, risk mitigation techniques, and threat modeling.Explain, present, demonstrate (when applicable), and document the operational impact of vulnerabilities, threats, or risks.Monitor and maintain approved baseline network topologies and configurations.Participate in vulnerability and penetration testing.Compile vulnerability and penetration testing reports.Provide security, technical, configuration, and architecture support to Doxim representatives as required.Day-to-Day Operational Tasks: Conduct daily checks for any security events.Perform phishing analysis.Review DLP alerts.Handle onboarding/offboarding personnel requests.Education: BSC in IT security or equivalent industry qualifications/certifications.Experience: A minimum of two (2) years relevant work experience in the information security field.Experience using vulnerability management tools, firewalls, intrusion detection systems, and responding to network/computer intrusions.Knowledge of information systems security principles and methods, certification and accreditation requirements, and performance management methods.Knowledge of test and assessment methods to evaluate security authentication technologies.Familiarity with standards like PCI, ISO 27001, HiTrust, GDPR, Privacy Shield.Extensive general IT knowledge.Strong technical ability.Experience in the Following Would Be Advantageous: Ability to conduct information security risk assessments.Ability to create and execute security monitoring tool sets such as DLP, SIEM, and Web Gateway, Cyber Protection.Exposure to cyber security or SOC monitoring.Stakeholder Management.Ability to support an information security strategy that aligns with business needs.Understanding of the NIST and ISO 27000 frameworks.Willingness to travel.Knowledge of Microsoft Security best practices.Good understanding of risk and compliance.Understanding of business process analytics.Other: Due to the global nature of the role and different time zones, scheduled after-hours and weekend work might be required.The employee is required to be on standby for urgent escalations at all times.
#J-18808-Ljbffr