Senior IT Security Analyst

Job Description

The IT Security - Senior Analyst role will report to the Line of Business CISO. The role will work with a team of geographically distributed Merkle staff and contract employees. This role will support a broad range of security and risk disciplines including IT risk analysis, certifications (SOC I SOC II, PCI-DSS), internal audit, compliance, security controls (physical and logical), information security, and business continuity/disaster recovery (BC/DR). The IT Security – Senior Analyst candidates will demonstrate the ability to thrive in a fast-paced, dynamic environment, work independently, assess incidents/requests, and apply the correct level of urgency to achieve a mutually accepted solution, while providing exemplary customer service in support of Merkle’s information Technology vision. The IT Security – Senior Analyst shall have demonstrated previous experience with information security compliance or technical disciplines and have a strong drive to learn and grow their skill set.

• Due to the nature of this role candidates must be US citizens and live within the US
• Must have extensive experience supporting PCI-DSS certifications and audits
• Lead audits of IT systems and/or related operational process controls against established Merkle criteria, including analysis and reporting
• Working knowledge of HIPAA controls
• Effectively engage with external client audit staff to minimize high risk findings and exposure to Merkle by using sound judgment and discretion
• Execute dentsu IT processes (e.g. incident management, problem management, change management, emergency response and physical/logical security)
• Assist with development and lifecycle of policy, procedures, and processes
• Assist with incident management and disaster recovery operations
• Show an appropriate sense of urgency to respond to requests and queries
• Stay current with existing and emerging IT Risk management standards and practices
• Ensure that controls designed to ensure security and availability of the Merkle and client information technology environment are adhered to
• As the department and function evolves, remain flexible and participate in other duties as identified and assigned
• Assist with Platform BC/DR testing facilitation and maintenance projects
• Demonstrate support for the Merkle IT Guiding Principles
• Uphold and promote Merkle’s core values and culture

• Consistently complete assigned internal and external audits within agreed-to scopes and timeframes
• Consistently deliver reports and associated tasks, meeting or exceeding customer expectations on-time/budget
• Effectively manage day to day activities, and meet deadlines
• Exercise the appropriate degree of follow up with stakeholders and task owners
• Effectively lead more junior members of the team
• Demonstrate the ability to work as part of a team and share knowledge with team members.

Qualifications

• Must be a US Citizen living within the United States
• Strong background in PCI-DSS
• Working knowledge of HIPAA Controls
• Working knowledge of Information Security concepts including malware prevention; social engineering; emerging threats; attack vectors and vulnerability management
• Working knowledge of IT practices/infrastructure/systems and how IT delivers services
• Working knowledge of end user productivity and collaboration tools including Microsoft Office, Skype for Business and SharePoint
• Ability to maintain focus through conflict and challenging situations with positive outcomes for Merkle and its clients
• Possess effective presentation skills and the ability to convey IT risk concepts clearly and accurately
• Self-starter and the ability to work independently
• Ability to multi-task and prioritize workloads and adapt to changing business conditions
• Proven analytical, critical thinking, and problem-solving skills
• Excellent collaboration and verbal and written communication skills

• 2-4 years of IT Security, Risk, Audit, or information system experience in a dynamic enterprise IT environment
• Experience working with security and/or audit frameworks
• Experience performing IT audits and analyzing risk using industry accepted methodologies highly desired
• Experience planning, facilitating and assessing the success of BC/DR testing
• Knowledge of AWS and Azure Cloud are a plus
• CISA and CISSP Certifications are a plus

Additional Information

At Merkle, we believe that a diverse environment improves us as a community and as a business. We want to foster an environment of growth, where all ideas and contributions are encouraged. We need this culture of courage to continue to thrive in our fast-paced industry. We embrace differences of opinion. We value diversity of experience and thought, which help us to challenge and define industry-leading solutions, and support our goal of being a great place to work.

Merkle

#LI-BC1