Senior Information Security Analyst
Employment Type: Full-Time
Overview: The Senior Information Security Analyst, under the general direction of the Sr Manager, InfoSec GRC (Information Security Governance Risk and Compliance), develops, manages and audits security controls in coordination with PowerSchool’s security compliance programs.
Performs security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. Assesses information security risk and audits remediation of vulnerabilities. Coordinates security program efforts including ISO27001 and SOC 2 audits. Supports customer inquiries about PowerSchool security programs through questionnaire responses and proactive communication strategies. Evaluates vendor security programs and documentation. Assists in the creation and implementation of security solutions. Researches and evaluates cybersecurity threats and performs root cause analysis. Provides information to management regarding impact on the business caused by theft, destruction, alteration or denial of access to information and systems.
Responsibilities: Essential duties and responsibilities include the following. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Operates formalized Information Security programs and processes such as Risk Assessment, Third Party Assessments, System Hardening and Security Requests
- Supports the program management of established Information Security protocols such as Incident Response
- Conducts proactive structured audits on PowerSchool’s business systems, applications and infrastructure and helps remediate identified issues
- Recommends appropriate mitigation and remediation plans
- Generates, executes, and analyzes security reports
- Maintains accurate documentation and an audit trail of security events/requests
- Maintains security and compliance performance metrics
- Helps the InfoSec Office in maintaining a risk register with appropriate threat levels
- Communicates and collaborates effectively with both technical and non-technical teams/business units
- Researches and prepares periodic and ad-hoc reports of Information Security program execution
- Helps author and maintain documentation for supported policies, processes and procedures
- Performs ongoing research of Information Security related topics
- Supports the execution of fixes as guided by the team
- Provides after-hours support on an as-needed basis
- Maintains the library of PowerSchool’s security artifacts
- Leads the response to customer security questionnaires
- Mentors and supports Information Security team members and other co-workers on security topics
- Performs additional duties as assigned
Qualifications: To be considered for and to perform this job successfully, an individual must be able to perform each essential duty and responsibility satisfactorily. The requirements listed below are representative of the knowledge, skill and/or ability required.
Skills and Abilities:
- Autonomous execution of responsibilities and pursuing continuous improvement of tools and systems for self and team
- Passionate learner with desire to continue to grow and adapt
- Strong verbal and written communication skills with all levels of the organization and with customers
- Can build and execute more complex project plans and respond quickly to ad-hoc requests
- Curious with ability to predict, find and solve problems
- Utilizes expertise to share knowledge and elevate the team to achieve greater results
Qualifications include:
- 4+ years cybersecurity/SOC experience
- Working experience of security policies/processes, compliance management, and risk assessment
- ISO 27001/SOC 2 Type 2 certification experience
- Working experience of public clouds (AWS, Azure, Google) preferred
- Bachelor’s degree in Cybersecurity, Computer Science or Information Technologies required, or equivalent experience
- Information security certification or related certifications highly desirable
Environmental Factors:
- Constant indoor collaborative work environment in close contact with co-workers
- Frequent social interactions and interruptions
- Frequent work under time constraints
- Rare travel
Physical Requirements
Lifting/Carrying:
- Occasionally carrying items weighing under 10 lbs.
- Rarely carrying items weighing between 11-20 lbs.
Twisting/Turning:
- Occasionally reaching over shoulder, overhead and reaching outward
- Occasionally bending
- Frequently walking normal surfaces
- Constant sitting
Other:
- Constant use of keyboard, fine dexterity, grasping, holding
- Constant repetitive motion – hands
EEO Commitment: PowerSchool is committed to a diverse and inclusive workplace. PowerSchool is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. Our inclusive culture empowers PowerSchoolers to deliver the best results for our customers. We not only celebrate the diversity of our workforce, we celebrate the diverse ways we work. If you have a disability and need an accommodation regarding our recruiting process, please let us know by emailing accommodations@powerschool.com.