View All Party City JobsParty City
The IT Security Analyst is a supporting function to ensure our business operations and procedures comply with legal regulations and internal policies to all business units. The Security Analyst provides support to ensure that business systems are monitored and managed for threats while also performs a range of duties including evaluating all current and new threats. The Analyst will participate on the cyber incident response team as well as participate in investigative efforts by having in-depth knowledge of common security exploits, vulnerabilities, and countermeasures. The Security Analyst enforces and audits security controls, policies and procedures which safeguard the integrity of and access to enterprise systems on-prem as well as in the cloud that support all business units. The successful candidate will be an excellent communicator, with in-depth knowledge of the latest industry procedures and regulations. This role will report directly to the Manager of Security Operations.
- Stay current with the latest cyber security threat landscape and notify IT teams of applicability to the company’s systems.
- Conduct internal and external periodic vulnerability scanning/work with internal and external teams to remediate findings.
- Responsibilities require working evenings and weekends occasionally, sometimes with little advanced notice due to the needs of the business.
- Conduct internal and external penetration testing and remediation of findings.
- Provide companywide security alerts to known vulnerabilities.
- Automation of Security related tasks.
- Assess/quantify risk verses cost with the ability to balance the likelihood/impact of real threats with costs of mitigation will be critical.
- Perform semi-annual IT risk assessments.
- Facilitate training and education efforts as appropriate personnel related to security awareness and risks associated with technology, cyber and data security.
- Participate in Incident Management and work collaboratively with Risk, Audit and Legal teams. Is part of the Incident Response Team to respond to reported threats and incidents. This requires a period of “on-call” duty to respond to incidents as they occur.
- Coordinate data security log reviews in a timely manner and report on findings. Make recommendations for improvements.
- Monitor third-party service providers for compliance with information security policies and procedures.
- Responsible for monitoring IT systems for compliance and threats.
- Strong technical background in information systems, systems administration, network design, network traffic analysis, and disaster recovery
- Knowledge of networking, Microsoft Windows desktop systems, Microsoft Windows Servers, Linux, Active Directory, Web Servers, Microsoft Exchange, Oracle DB, Web
- Application Firewalls, and storage technologies.
- Applied knowledge of information security and compliance related issues involving PCI-DSS, PA-DSS, Sarbanes-Oxley, data privacy, and similar policies and laws.
- Experience with Control Tower, Guardrails, Cloud Trails, Hardening, audit logging audit logging within AWS required.
- Comp TIASecurity+ is a plus.
- Python, bash shell scripting, and/or powershell scripting is a plus.
- Bachelor’s Degree in Computer Science, Information Systems, or another related field or work experience.
- 1 to 2 years of experience with information security.
- Minimum of 2 to 3 years of IT work experience with a broad range of exposure to network, systems, application support, and/or database administration
Company: Party City
Vacancy Type: Full Time
Job Location: New York, NY, US
Application Deadline: N/A