THE DEPARTMENT:

The Helzberg Information Security Department is responsible for ensuring the confidentiality, integrity, and availability of sensitive company data, as well as protecting our organization’ s digital assets from unauthorized access, use, disclosure, disruption, modification, or destruction. The Information Security team collaborates closely with various business units to ensure that cyber security is integrated into business operations and decision-making processes to not only ensure the safety and security of digital assets, but also regulatory compliance.

POSITION SUMMARY:

This position is responsible for providing first-level monitoring of computer-generated logs, assisting in the generation of security metrics reporting, assisting in the information security awareness program and assisting in the forensic data gathering related to security incidents. This position will be responsible for operating vulnerability scans and working with business partners to assist in the mitigation / remediation of identified vulnerabilities.

QUALIFICATIONS:

• Technical education degree or associate degree in a computer related curriculum or equivalent work experience.
• 2-4 years of experience in Information Technology required. Experience should include endpoint systems and security platforms.
• Strong knowledge of cyber security principles, practices, and technologies in areas of network & endpoint security; identity & access management; vulnerability management; encryption and data protection are required.
• Excellent analytical and problem-solving skills, as well as the ability to create concise documentation for both technical and non-technical resources.
• Strong interpersonal skills are a must as the position requires partnering with associates of various technical ability throughout the organization to solve complex issues.
• Exceptional organizational skills as the position requires the ability to handle multiple projects and carry out complex tasks independently.

PRINCIPAL ACCOUNTABILITIES:

• Monitor and conduct analysis of computer logs and information within security platforms to identify suspicious or malicious activity and to ensure that security incidents are acted upon in a timely manner.
• Assist in training associates on enterprise security principles and best practices.
• Review and assess partner security documentation to confirm compliance with organizational standards and best practices.
• Ensure regulatory compliance by implementing key processes and supporting adherence to established security frameworks.
• Schedule and monitor vulnerability management processes and work with business partners to mitigate / remediate identified vulnerabilities.
• Coordinate and execute various internal audit functions related to system access reviews. The analyst will collaborate with business stakeholders to mitigate/remediate any items derived from the internal audit.
• Participate in rotational on-call night and weekend incident response support.