Apply Now

Security Assurance Analyst

Who Are We?
Workforce Opportunity Services (WOS) launches technology and business careers for recent college graduates and military veterans. We partner with corporations throughout the United States to open up full-time, entry level career pathways. If you are struggling to get your foot in the door, we can help you navigate your first steps. Our employees receive personalized mentoring and a benefits package to ensure their continued success.

For more information about WOS, visit our website: Workforce Opportunity Service.

This is a consultancy role at our partner AllianceBernstein. AllianceBernstein is a leading global investment management firm that offers high-quality research and diversified investment services to institutional clients, individuals and private clients in major markets around the world. AllianceBernstein employs more than 500 investment professionals with expertise in growth equities, value equities, fixed income securities, blend strategies, and alternative investments, and, through its subsidiaries and joint ventures, operates in more than 20 countries. 

Candidate Profile:

  • Post 9/11 Veteran with an Honorable discharge, OR
  • Currently serving in the National Guard or Reserve
  • Availability to work full-time

Overall Position Description:

Under the guidance of the Senior Security Assurance Analyst, the individual filling this role will be responsible for testing the adequacy and effectiveness of enterprise wide information security controls. The Security Assurance Analyst analyzes, validates and documents findings and recommendations for review by the Senior Security Assurance Analyst. The person filling this position will have the opportunity to work on a broad range of security tasks and have a direct impact on the growing security assurance program.

Responsibilities:

  • Identify existing security controls within target areas by performing interviews, reviewing system documentation, and running discovery scans.
  • Create effective control tests that do not increase risk to data or control itself.
  • Execute control tests to validate they are meeting the control intent, are implemented uniformly across the enterprise, can’t be circumvented or adversely impacted.
  • Help develop new and improve existing control testing and monitoring processes.
  • Perform vulnerability scans and analyze the results.
  • Document information security controls, assessment findings, processes, and recommendations.
  • Identify and report ancillary information security risks observed during control tests.
  • Research industry security standards, best practices, emerging threats, vulnerabilities, and mitigation strategies.

Qualifications:

  • Bachelor’s degree in Computer Science, Computer Engineering, Information Systems, Infrastructure Assurance, Information Security, Cyber Security or a related field (or relevant work experience).
  • 2-4 years’ experience in at least some of the following areas:
    • Information Security Engineering
    • Information Security Analyst
    • Security Assurance or Information Assurance
    • Vulnerability Assessments/Penetration Tests: Vulnerability research and analysis; threat and risk analysis; identification of insecure configurations; patch management; and experience with the following tools: Nmap, vulnerability scanners, etc.
    • Security control and process Review: Technical and administrative security controls; industry standards and best practices (OWASP, NIST, SANS, etc.); technology owner/manager interviews.
    • Suspicious Activity Monitoring: Intrusion Detection/Prevention; Data Loss Prevention.
    • DLP scanning experience desired
    • Splunk experience desired
    • Understanding of authentication, authorization and auditing.
  • A strong understanding of Information Technology:
    • TCP/IP (IP addressing and commonly used port assignments)
    • Windows, UNIX and Linux Operating Systems
    • Database technologies
    • Firewalls
    • Client-Server applications
    • Web based applications
    • Remote Access technologies
    • Mobile device technologies
  • Skills:
    • Ability to think like an attacker to design effective control tests.
    • Strong analytical skills to determine the key pieces of information required to make informed decisions.
    • Strong verbal and written communication skills. Ability to adjust communication style/content to interact with IT and business professionals.
    • Excellent written/verbal communication skills
    • Project management experience/knowledge, with ability to drive projects to successful completion
    • Strong interpersonal, problem-solving, prioritization, organizational skills and attention to detail.
    • Ability to merge and analyze large volumes of data utilizing tools such as MS Excel (e.g. pivot tables, etc.), Splunk, etc.
    • MS Office (Access, Excel, Word, PowerPoint, Visio).
    • Programming/scripting skills is a plus.

Duration:

  • Full-Time (40 Hours/week)

Salary:

  • $22.00/Hour (Plus benefits)

Location:

  • San Antonio, TX