Q2 is seeking a Security Analyst to join the Q2 Enterprise Security Risk & Compliance Team to drive continuous improvement. This position performs advanced information security analysis work. Work involves planning, consulting for implementing, and monitoring security measures for information systems and infrastructure to regulate access to computer data files and to prevent unauthorized modification, destruction, or disclosure of information. You will work on complex projects and issues and use professional knowledge as well as technical and advanced business concepts to develop approaches to mitigate IT and business risks.
- Responsible for the research, technical analysis, recommendation, install, configuration, and administration of systems to ensure the protection of information processed, stored or transmitted
- Performs complex security analysis of existing systems for compliance with security requirements
- Analyze and use hardware/software, such as Advance Threat Protection, Intrusion Prevention and data encryption programs, to protect sensitive information
- Prepare reports that document security breaches and the extent of the damage caused by the breaches
- Research the latest information technology (IT) security trends
- Create and update existing documentation of processes and procedures in support of administration tasks
- Attend and actively participate in weekly meetings
- Responsible for ensuring that all security, availability, confidentiality and privacy policies and controls are adhered to
- Perform maintenance related activities during scheduled weekend maintenance windows.
EXPERIENCE AND KNOWLEDGE:
- Bachelor’s degree in information systems, business administration or related ﬁeld
- Minimum of 5 years of related experience; or an advanced degree with 3+ years of experience; or equivalent related work experience.
- Strong problem solving, analytical skills, and organizational skills
- Outstanding oral and written communication skills
- Self-motivation and the ability to work under minimal supervision
- Willingness to pursue further training and certiﬁcation
- Must be able to exercise judgment within defined procedures to determine appropriate action
- Must have strong organizational and multi-tasking skills to prioritize workload in a fast paced environment
- Must work effectively within a team environment
- Third-Party Security Risk Analysis and Review
- CISSP, GIAC, or other security certifications that demonstrate competency in computer security
- Knowledge of financial regulatory standards, including SOX-404, SOC, FFIEC, ISO 27001, PCI, etc.
At Q2, our goal is to be a diverse and inclusive workforce that fosters mutual respect for our employees and the communities we serve. Q2 is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.