IT Security Analyst II
The TMNAS IT Security Analyst is an operational and functional resource role within the Technology Security and Risk Management function within the TMNAS IT Department. The TMNAS IT Security Analyst will enforce enterprise information security processes and solutions and will execute the vulnerability management and threat management programs. They will provide the maintenance of security standards and operating procedures and implement enterprise information security architectures and solutions.
- Contributes to the development and maintenance of information security strategy and architecture.
- Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks.
- Provides access to systems to users based on approved requests.
- Assists in the installation of security software products for enterprise platforms.
- Implements access control lists for specific computer resources.
- Monitors security logs and systems for violations and unusual events.
- Complies with proper internal controls as necessary to conduct job functions and/or carry out responsibilities and/or administrative activities at the Company.
- Compiles security status reports and dashboards.
- Establishes and builds strong working relations and partnerships with IT peers and Business Units.
- Performs special projects and other duties as may be assigned.
Degree / Licenses and Professional Certifications
- Bachelor's degree in engineering, computer science, or similar major preferred.
- CISSP, SSCP, Security+ or CEH certifications preferred
- 5 years relevant IT operation experience.
- 1-2 years in information security preferred.
- Experience with domain structures, user authentication, network security, web application security assessment and vulnerability management preferred.
- Demonstrated experience administering and/or monitoring any of the following security control and technology areas:
- Endpoint Detection and Response
- File Integrity Monitoring
- Vulnerability Assessments Scanning
- Web Application Security Scanning
- Identity and Access Management
- Entitlements Management and Classification/Labeling
- Email Security – Phishing, DMARC, Data Leakage etc.
- Forensics and E-Discovery
- Endpoint protection and DLP
- Knowledge of typical organizational politics and political tactics; ability to effectively navigate formal and informal communication and decision-making channels.
- Knowledge, insight, and understanding of business concepts and processes that are needed for making sound decisions in the context of the company's business; ability to apply this knowledge appropriately to diverse situations.
- Practiced knowledge of pragmatic and risk appropriate security controls
- Knowledge and understanding around web application development and associated risks and vulnerabilities (OWASP)
- Hands on knowledge of Windows/Linux OS and most common security control tools
- Strong writing and communication skills.
- Strong customer service orientation toward Business Units requiring consultation (responsive, consultative, collaborative and accurate).
- Able to work with a group to set its objectives and agenda, generate allegiance to those objectives, and guide and motivate achievement.
- Interpersonal relationship building skills; able to work with a variety of people and groups in a constructive and collaborative manner.
- Analytical ability with the capability to determine the root cause of problems and issues and provide solutions.
- Applies organizational acumen to identify and maintain focus on key success factors for the organization.
- Superior attention to detail.
- Ability to juggle multiple, competing, frequently changing time-sensitive deadlines and priorities
- Ability to work independently and without supervision.
- Ability to work and lead effectively as part of a team.
Tokio Marine Group of Companies (including, but not limited to the Philadelphia Insurance Companies, Tokio Marine America, Inc., TMNA Services, LLC, TM Claims Service, Inc. and First Insurance Company of Hawaii, Ltd.) is an Equal Opportunity Employer. In order to remain competitive we must attract, develop, motivate, and retain the most qualified employees regardless of age, color, race, religion, gender, disability, national or ethnic origin, family circumstances, life experiences, marital status, military status, sexual orientation and/or any other status protected by law.