**Information Security Analyst
Posted on Jan 2, 2021 by H&R Block
What you'll do...
H&R Block is seeking a motivated entry-level security professional to join our information security team. Will be responsible for partnering with IT stakeholders to understand both current and future needs as it relates to security. Ability to define, document and assesses security requirements for moderately complex initiatives, including engagements with external third-parties. Responsible for supporting the security and integrity of both data and systems, including ensuring programs meet H&R Block information security requirements, identifying and understanding risks, and developing actionable mitigation plans. May seek guidance from more experienced associates on more complex information security concerns. Provides recommendations to the business on security best practices, regulatory and legal compliance, as well as contributing to an overall security culture and mindset.
What you'll do…
ESSENTIAL DUTIES AND RESPONSIBILITIES -
- Functions as front-line representative of The Information Security Team, partnering with the business to understand and assess moderately complex initiatives as they relate to information security.
- Provides information security-focused risk assessments of moderately complex projects and initiatives, including engagements with external third-parties.
- Supports large scope projects or leads activities in small to medium scope projects during analysis, design, construction and testing phases of projects.
- Partners with relevant stakeholders to ensure information security aspects of initiatives are addressed.
- Provides recommendations on information security best practices, H&R Block policy and standards, as well as regulatory and legal compliance.
- Supports the information security team in monitoring the environment for compliance with security policies, potential information security risks, or other anomalous behavior ; will escalate findings as required.
- Evaluates information security controls and identifies potentials risks, including helping to develop and following up on actionable mitigation plans. May seek guidance from more experienced associates when information security issues become complex.
- Contributes to an information security mindset and culture by communicating and reinforcing the organization's mission, values, and philosophy in the area of information security.
- Works closely with international peers to continue to evolve the security posture in a global environment.
About H&R Block...
We're here to live our purpose-to provide help and inspire confidence in our clients and communities everywhere. We take our work personally, because we know what it represents: Families and homes. Livelihoods and lives.
We've been true to that purpose since brothers Henry and Richard Bloch founded our company in 1955. Since then, we've grown to approximately 12,000 tax offices throughout the United States and around the world. When you join our team, you'll add to the momentum of a forward-thinking company-one that defined an industry and is now leading its transformation.
What you'll bring to the team...
- Bachelor's degree in a related field or the equivalent through a combination of education and related work experience.
- 3 years Minimum related work experience
- Demonstrated knowledge in information technology, information security, risk management, or business analysis.
- Strong analytical problem resolution skills with the ability to react quickly.
- Ability to take initiative, work independently, and effectively manage multiple work streams.
- Ability to build and maintain strong relationships with relevant stakeholders.
- Strong communication and task management skills.
- Ability to document and explain technical details clearly and concisely.
- Proven self-starter and willing to accept additional responsibilities as position expands.
- Ability to learn quickly and take on new responsibilities as the team evolves.
- A high degree of thoroughness and accuracy when completing tasks.
Some roles require:
- Understanding of quantitative risk management concepts and common frameworks.
- Demonstrated understanding of risk and compliance assessment methodologies.
- Experience performing information security reviews of third-party service providers.
- Industry certifications such as Sec+, Net+, AZ-900 or similar.
- Knowledge of network-based services, DevOps, client/server applications, mobile applications, enterprise systems and infrastructure, network architecture, or security infrastructure.
- Demonstrated Understanding of incident response processes and methodologies
- Participation in an on-call rotation
Set up alerts to get notified of new vacancies.