Senior Analyst, Information Security

Job Description

Overview and Responsibilities

The Senior Analyst's primary job role is to reduce risk to ViacomCBS Information and Information Systems through the understanding and use of various data security technologies, applications, methodologies, and industry standards. The main domain will be vulnerability management. The job role also requires an individual who will act as a technical security liaison with groups within and outside of Tech. Here at ViacomCBS, we work hard and seek to nurture an inclusive environment.

Responsibilities:
• Performing vulnerability scans, including analysis and coordinating remediation
• Conducting anomaly detection analysis and coordinating remediation
• Conducting intrusion detection analysis and coordinating remediation
• Participating in the planning and implementation of ViacomCBS Information Security projects
• Reviewing projects, business units, and vendors to identify Information Security concerns
• Assist in performing risk evaluations and penetration assessments
• Supporting the company's risk management program in a manner that fulfills the strategic goals of the organization while following local, state, and federal laws and accreditation standards
• Proactively identify creative risk solutions to enhance data security throughout the enterprise
• Assist in the development of procedures and related guidelines
• Engaging with senior tech leadership to ensure that the vulnerability management programme has comprehensive coverage.
• Acting in the capacity of a 3rd level security specialist and utilizing the entire security toolset to minimize risk to ViacomCBS.
• Responsible for acting as an authority on Vulnerability Management.

Basic Qualifications
• Vulnerability scanning, intrusion detection, anomaly detection, and use of associated technologies
• Experience of the tools, techniques, and standards used to conduct penetration testing of Windows, Unix, and Linux platforms.
• Experience of tools, techniques, and standards used to conduct application penetration testing for applications that support but not limited to Java, JBoss, PHP, WebDev
• Understanding of common threat methodologies such as Sans and OWASP
• Experience of cloud security technologies and security standard methodology
• Experience in crafting management reporting from a large dataset.
• Experience in prioritizing vulnerabilities to support risk mitigation.

Additional Qualifications
• Working knowledge of Information Security Policies and their development
• Recognized security qualifications are desirable CISSP, ENCE, GCIH, GCIA, CISM,
• Technical and Functional knowledge of the following applications, technologies and protocols:
• Threat analysis including vulnerability scanning, intrusion detection, and log analysis.
• Operating system hardening standard methodologies
• Familiarity with threat methodologies such as SANS and OWASP
• Familiarity with common database platforms (SQL, Oracle, MySQL, etc.)
• Endpoint security
• Data Leakage Prevention
• Wireless security
• Mobile device security
• Knowledge of industry standard audio and video file formats and transmission protocols

Education:
• BA/BS degree or equivalent preferred but not required

Jobcode: Reference SBJ-r12jzm-18-188-40-207-42 in your application.