Senior Information Security Analyst in Cleveland at CBIZ

Date Posted: 6/29/2022

Job Snapshot

Job Description

With over 100 offices and nearly 6,000 associates in major metropolitan areas and suburban cities throughout the U.S. CBIZ (NYSE: CBZ) delivers top-level financial and employee business services to organizations of all sizes, as well as individual clients, by providing national-caliber expertise combined with highly personalized service delivered at the local level.  

CBIZ has been honored to be the recipient of several national recognitions:

  • 2022 Top Workplaces USA
  • 2022 Great Place to Work Certification
  • Top 101 2021 Best and Brightest Companies to Work For in the Nation
  • 2021 America's Best Mid-Size Employers
  • 2021 Best and Brightest Companies in Wellness

Senior Information Security Analyst: Job Purpose / Objective                                           

The Senior Information Security Analyst will support the protection of our information assets from intentional or unintentional disclosure, modification, destruction, or denial of access through the implementation of appropriate information security policies, standards, guidelines, and procedures. The Analyst will lead and coordinate team activities to enhance our security and compliance programs.  and risk reduction goals.

The Senior Information Security Analyst plans, develops, coordinates, and assists with the implementation and enhancement of information security measures to provide access to our systems and information in a secure manner. The Analyst will conduct network and application vulnerability assessments for the organization, participate in penetration testing and detection activities, and support risk reduction activities for the organization.  

 Essential Functions & Primary Duties

  • Perform audits, risk assessments, and vulnerability testing (internal, external, application, database, and firewall) to identify potential threats with appropriate remediation strategies.
  • Manage and support our advanced threat detection solution including appliance deployment, maintenance, daily monitoring and investigation, working with vendor technical support, and the CBIZ Security Operations Center team.
  • Conduct research on emerging threats and mitigating security products, services, and standards to protect our systems, networks, and data. 
  • Assist with the development of security policy, awareness materials, presentations, and training sessions to ensure employee awareness of appropriate information security policies and controls.
  • Develop and implement, as required, the necessary monitoring and detection solutions to audit and enforce company policies, controls, and standards.
  • Participate in IT development projects to ensure that security issues are addressed, and execution of departmental controls, standards, and procedures are being performed as required.
  • Recommend, pilot, and deploy additional security products and tools, or enhancements to existing tools, to detect violations of network security measures and malicious activities.
  • Support and assist with security endpoint and email solutions, our system information and event management (SIEM), password vault, and network firewalls as needed with the focus on minimizing threats and exposure risks to CBIZ.
  • Support the Vulnerability Management program to identify, communicate, and track vulnerabilities and patches for critical systems and devices.
  • Identifies potential threats, investigates, and responds to reported security violations/incidents, and recommends and implements corrective actions by conducting security audits.
  • Assist with administration, support, and security assessment of our network assets. 
  • Provide advice and support for Information Security managed systems and vendors.

Preferred Qualifications 

  • Five or more years of experience including use of security best practices and frameworks.
  • CISSP or equivalent information security certifications are preferred.
  • Advanced knowledge of information security frameworks and standards including the NIST Cyber Security Framework and ISO 27002 Information Security Control standards.
  • Knowledge of security infrastructure best practices and controls for network firewalls, email services, end-point security, encryption, access management, and multifactor authentication.
  • Knowledge of cloud security with Microsoft Azure, O365, Active Directory Federation Services, and similar technologies to secure the cloud.
  • Experience with vulnerability management and scanning assessment solutions.
  • Understanding of data privacy and protection requirements relating to personally identifiable information and protected health information.
  • Strong interpersonal and communication skills.
  • Associates degree in Computer Science or relevant business experience.
  • Ability to work independently and with cross-functional teams.

Qualifications Required

  • College Degree or equivalent preferred
  • 5 years related experience
  • Ability to lead and coordinate the team activities of others
  • Proficient use of applicable and infrastructure technology
  • Ability to execute and draft technical instructions and guidelines
  • Ability to document daily control activities and system functions
  • Able to work in a team environment
  • Demonstrated ability to communicate verbally and in writing
  • Ability to travel as required by business and on-call availability

REASONABLE ACCOMMODATION

If you are a qualified individual with a disability you may request reasonable accommodation if you are unable or limited in your ability to use or access this site as a result of your disability. You can request a reasonable accommodation by calling 844-558-1414 (toll free) or send an email to accom@cbiz.com.

EQUAL OPPORTUNITY EMPLOYER

CBIZ is an affirmative action-equal opportunity employer and reviews applications for employment without regard to the applicant’s race, color, religion, national origin, ancestry, age, gender, gender identity, marital status, military status, veteran status, sexual orientation, disability, or medical condition or any other reason prohibited by law. If you would like more information about your EEO rights as an applicant under the law, please visit these following pages EEO is the Law and EEO is the Law Supplement.

PAY TRANSPARENCY PROTECTION NOTIFICATION