Information Security Analyst

ICONs mission is to help our customers accelerate the development of drugs and devices that save lives and improve the quality of life. ICON is seeking to hire an Information Security Analyst to join their Global Information Security team.

The information security analyst will play a vital role in keeping our organisation's proprietary and sensitive information secure, and have responsibility for leading and managing information security initiatives and operational activities globally for ICON to improve the company's overall security posture. The role requires a mix of information security, process improvement, governance, cybersecurity operations, risk management, project management, and people management skills.

Job Description:

Reporting to the Senior Information Security Manager, the information security analyst is responsible for the following:

• Developing and contributing to information security strategy, policies, standards and procedures.
• Always ensuring compliance with ICON Information Security policies and hardening standards.
• Leading risk assessments with business and technical stakeholders.
• Leading security projects and initiatives such as security improvement projects and solution implementations.
• Managing and enhancing enterprise data loss prevention and classification programme including solution health, policy creation and tuning based on business requirements, timely incident resolution, and reporting activities.
• Managing and enhancing cloud security and governance programme across SaaS, PaaS and IaaS platforms, including CASB solution health, policy creation and tuning, timely incident resolution, and reporting activities.
• Take a lead role in assessing and agreeing cloud security architecture designs and security baselines with inter-departmental teams.
• Approve/Reject security requests within ticketing system based on risk assessment and Information security policy alignment.
• When required, work to resolve vulnerabilities that are identified from vulnerability scans, penetration tests and other security assessments on ICON infrastructure.
• Ensure that defined security models are adhered to on an on-going basis.
• Maintain a strong awareness of the current threat landscape.
• Participate in weekly change control meetings representing security.
• Other functions as assigned by ICON Cybersecurity Operations Manager.

Skills & Experience

The successful candidate will have experience of operating in a technically complex, fast changing and dynamic environment. Working as part of a global team the information security analyst must be a proven self-starter, have excellent organisational and communications skills. The ideal candidate will have a genuine passion for Information Security and must have the ability to maintain composure under pressure. They should also have a skills and experience in the following areas:

• Understanding of IT and Information security techniques and methodologies.
• Proven experience in information security and operational activities.
• Operational experience across security solutions such as DLP and CASB.
• Security solution implementation and project management
• Understanding of:
  • ISO27001, NIST cybersecurity framework and MITRE ATT&CK Framework
  • Information Security Policy and Standards
  • Vulnerability Analysis
  • Information Security Standards
  • Data loss prevention and classification solutions
  • System Administration
  • Windows & Linux OS
  • Virtualization
  • Application layer vulnerabilities
  • Knowledge of encryption Protocols
  • Firm Knowledge of enterprise networks
  • Mobile Security
  • Web and Email Security
  • Solid understanding of cloud architecture
• Ability to leverage technical skills to correlate data to streamline analysis process
• Ability to relate technical issues to non-technical associates / business owners
• Ability to work with geographically dispersed operational teams.
• Ability to translate and communicate technical issues into understandable and meaningful business risk.
• Have experience in influencing and negotiating with relevant stakeholders to work towards solutions and will have a positive "can do" attitude.
• Analytical, problem solving and communication skills.

Qualifications & Experience:

• At least 7-10 years in a security related role
• Bachelor's degree or equivalent program in Computer Science, Information Security or Information Technology
• One or more of the following desired Certifications: CISSP, CISM, GSEC, CCNA, CompTIA Network+, CompTIA Security+