GMR Marketing

  • Information Security Analyst, Americas

    Job Locations US-WI-New Berlin
    Posted Date 1 month ago(1 month ago)
    Job ID
    2018-2946
    Category
    Digital Solutions / IT
  •  

    WHY YOU’LL LOVE THIS JOB //

    Reporting to the TBWA Worldwide Security Manager, Information Security Analyst will bolster the TBWA security team as the primary regional contact, help drive centralized security initiatives, collaborate with our 3rd party security partners, lead local investigations, and improve the overall security posture of the local TBWA offices. The Information Security Lead will help to establish and manage the security governance and risk management program activities driven by the Omnicom & TBWA centralized security teams.

     

    Knowledge/Skills:

    This role requires a strong technical skill set as the Information Security Analyst will also collaborate with global IT teams to implement, configure, and manage our tools. Hands-on experience in firewalls, SIEM, antivirus, cloud security, identity access management / two-factor authentication, and vulnerability management is a must. Candidates must be able to work independently and be solutions oriented with strong problem-solving skills.  This role requires collaboration with team members around the world with a goal of aligning TBWA and Omnicom security practices.

     

    YOUR IMPACT //

    • Perform information security audits for third party suppliers and vendors
    • Provide support in responding to prospective client RFPs, assessments and client audits
    • Manage and optimize worldwide use of firewall platform and other firewall products
    • Participate in implementation and management of TBWA/Omnicom security platforms such as endpoint protection, encryption, SIEM and more
    • Responsible for continually evaluating the security posture of our cloud environment against internal policy and industry best practices as well as providing remediation guidance for any issues
    • To assist, maintain and overview security posture for infrastructure and applications through regular testing (i.e. penetration testing and vulnerability scanning) and follow up on the remediation actions on the issues identified
    • Investigate security gaps and initiate, and take ownership for the delivery of, remediation activities for all identified issues
    • Monitoring and initial response to potentially-malicious or anomalous activity based on event data (log files and data outputs) from a wide range of IT systems components, including IDS/IPS, Firewalls, Web Access Security and DLP systems, and other sources.
    • Performing triage of incoming issues and escalation to, and liaison with, other operational areas as part of security incident identification and response
    • Participate in security incident investigations and perform initial forensic analysis
    • Generate security reports and internal security documentation
    • Other tasks as assigned

     YOUR EXPERIENCE //

    • Strong understanding of infrastructure security concepts, technologies, industry best practices, related forensics and metrics
    • Good understanding of security, administration, design, and implementation of Windows, Linux and Unix systems
    • Good technical knowledge related to Firewalls, DDoS, WAF, AV, FIM, IDS/IPS, VPN and encryption
    • Must have good understanding of cloud-based architecture and security controls as well as hand-on experience securely implementing AWS or other cloud services
    • Proficient understanding of security tools and techniques, including performing internal and external network vulnerability assessments and penetration tests, malware detection, and event alerting and correlation
    • Must have experience in incident response - capable of leading IR process and performing forensic analysis
    • Must be a self-starter with effective time management and organizational skills, with the ability to handle multiple, overlapping, and potentially conflicting priorities
    • Must have strong written and verbal communication skills and be comfortable interfacing with senior-level staff
    • Awareness of security codes of practice such as ISO 27001/27002
    • Awareness of relevant data protection laws and regulations e.g. EU Directives and GDPR, CCPA in US, or PDPA in Singapore

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    If you don’t see an opening that fits your unique career needs, be sure to connect with us! In doing so, you’ll be able to opt into the specific areas of interest and receive periodic updates on open positions and GMR Marketing news.