Skip to content

Careers

Transcend the day-to-day work experience. Work inspired.

Information Security Analyst (Incident Response expert)

Location:

Lowell - Massachusetts - USA

Function:

Information Technology

Ref #:

2019000508
Apply >

Description

This position works as part of a security team responsible for ensuring that the company's information resources are secure from unauthorized access, protected from inappropriate alteration, physically secure, and available to users in a timely fashion. This position serves as an internal information security consultant and will be responsible for designing, implementing, supporting and maintaining policies and security solutions in both operational and customer hosted environments. This position demands an organized, action oriented team player with the ability to prioritize daily work and support on multiple initiatives simultaneously; strong communication and customer focus is required.

RESPONSIBILITIES
• Serves as an internal information security consultant to the organization
• Supports the incident response process, responding to security incidents across the organization that will vary in scope and severity
• Supports the development and advancement of the organization’s incident response program, executing strategic projects and initiatives to help advance the incident response maturity level
• Coordinates teams across the business as part of the incident response process to ensure the appropriate individuals are involved in incident containment, analysis and resolution
• Provides written and verbal updates and consistent communication to management as part of the incident response process
• Executes and oversees internal projects to help mature the incident response program. These may include process development/improvement, policy creation and maintenance and selection and implementation of technical solutions
• Provide support for IT projects, identifying risk specific to the project and actions necessary for remediation
• Supports the development, implementation, and management of security policies and procedures to ensure they remain aligned with business objectives and meet regulatory requirements
• Supports the development, implementation and management of security knowledgebase to include all company products and environments
• Provides expertise and support to ensure company’s security framework remains in compliance with applicable regulations including evolving data privacy regulations
• Perform additional duties and projects as assigned by management

Qualifications

• BS/BA degree in Computer Information Systems/Management Information Systems or related discipline or equivalent experience and 3-5 years related work experience in information security, governance and/or related functions (such as IT audit and IT Risk Management)
• In depth experience in security incident response and management including analysis of events, review of suspected malicious activity, identification of Indicators of compromise and providing guidance on resolution and remediation activities. MUST be able to strategize regarding IT and come back to the business with a plan
• Experience in security incident response in cloud environments including public and private cloud
• Experience with system implementations and identification of security related risks associated with such implementations. Ability to identify risks, identify action for remediation, communicate risk and remediation needs to project team
• Experience with information security management frameworks such as AT101 SOC 2, ISO, ITIL, CobiT, NIST to include development of policies, process and procedures within the environment
• Experience supporting regulatory and compliance programs such as HIPAA, PCI, MA 201 CMR 17
• Experience designing and implementing controls within corporate networks to include computer/network security and operating systems such as UNIX, Linux, and WINDOWS, as well as LAN/WAN internetworking protocols such as TCP/IP and network perimeter protection (firewalls)
• Strong technical background including Active Directory, firewalls and vulnerability scanning tools highly desired
• CISA, CISM, CRISC, CISSP, or similar security certification highly desired
• Excellent verbal and written communication skills to develop positive relationships and effectively communicate with employees, customers, auditors, business partners, and all levels of management
• Excellent analytical skills in order to identify security risks and appropriate measures needed to help mitigate those risks. Must be comfortable in conducting independent research of issues and inquiries in order to provide guidance when requested

#LI-POST

Corporate overview

You’re empowered when you’re a Kronite. 

Want to be part of an elite group of highly skilled professionals? We think our employees are a special group of talented, energetic, and innovative people. And for that reason, we refer to ourselves as Kronites. Kronites care about more than just work. We recognize the need to maintain a healthy work-life balance – to live inspired. In fact, it’s expected! You’ll soon learn that we take work and fun seriously. No matter what position you hold at Kronos, you’re a Kronite. And we want you to feel like you have the power to make a difference in your life and the lives of others, at work and beyond. Want to learn more about our culture? Follow us on Twitter @work4kronos. #MyWorkInspired

Kronos is a global provider of workforce management and human capital management cloud solutions. Kronos’ industry-specific workforce applications are purpose built for businesses, healthcare providers, educational institutions and government agencies of all sizes. Tens of thousands of organizations – including half of the Fortune 1000® - and more than 40 million people in over 100 countries use Kronos every day. 

EEO Statement

Kronos is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.