Senior Information Security Anlyst at Syneos Health Clinical Solutions

Job Summary

The Analyst supports the development, education, monitoring, and implementation oversight of enterprise information security policies and standards. The Analyst primary focus is to assist with the administration of information security governance and compliance processes and monitoring and reporting information security policy and program compliance.

Job Responsibilities

• Performs vendor security assessments and security reviews to assess the security posture and capabilities of Syneos Health vendors
• Monitors Syneos Health vendors to ensure they are meeting Syneos Health vendor security requirements
• Monitors, and reports on information security governance, risk and compliance key performance indicators
• Assist with preparing and submitting mandatory information security program compliance reports to management, and clients
• Assist with preparing responses to internal and external inquiries about information security program, compliance, and performance
• Helps administer information security governance review and approval procedures
• Collaborates with other security organization members on cross-business / cross-functional opportunities
• Helps perform security data analysis and event tracking
• Responds to reported security incidents and events through the Company’s ticketing system
• Helps with writing documentation and reports
• Evaluates new security technology in the Company environment
• Other duties as assigned

Qualifications

• Experience with leading information security frameworks and policy concepts.
• Bachelor’s Degree (or higher) preferred (or equivalent experience).
• Industry certifications such as CISA, CRISC, CISSP or similar industry certification desirable.
• Proficient with Microsoft Office Suite (Word, Excel, Power Point).
• Professional with ability to properly handle confidential information.
• Ability to work well independently and in a team environment. Ability to handle multiple tasks, prioritize and meet deadlines. Ability to work within a matrix organization.
• Must have flexibility and willingness to participate in the work processes of an international organization, including conference calls scheduled to accommodate global time zones.
• Understanding of security tools such as firewalls, anti-malware, Intrusion Detection/ Intrusion Prevention systems (IDS/IPS), Data Leak Prevention (DLP), Unified Threat Management (UTM).
• Familiarity with common information security standards such as ISO-27000 and NIST SP 800 series.
• Ability to review reports and system activity logs to identify critical events, categorize according to priority, and escalate as appropriate