Information Security Analyst
Companies around the world rely on RapidResponse, our cloud-based platform, to manage their supply chains, monitor risks and opportunities, and respond at the pace of change. At Kinaxis, we’re constantly breaking new ground, using new technology to push the limits of what software can do, including how quickly it can handle big data. Our platform ensures that the products we need – everything from medicine and cars, to day-to-day items like toothpaste – make it to market and into our hands when we need them.
We are currently looking for:Information Security Analyst
Job location: our office in Tokyo, Japan
What you will do
The Information Security Analyst is responsible for day to day monitoring of security systems to ensure conformation with the information security standards and policies. This role will contribute in the creation and maintenance of Company-wide information security strategies.
You will work closely with the cross-functional teams within Kinaxis such as Corporate IT, SaaS Operations, Development, Business Systems teams, and technology partners to include security from the initiation stage through ongoing operations.
This role will report directly to the Director, Information Security, and is a member of the Security, Risk & Compliance (SRC) team. The SRC team is responsible for all security related matters for Kinaxis Corporate Systems and Kinaxis’ Software-as-a-Service offering.
- Monitoring devices such as network and host-based intrusion detection systems, web application firewalls, database security monitoring systems, firewalls/routers/switches, proxy servers, antivirus systems, file integrity monitoring tools, and operating system logs.
- Responding to security incidents in a production environment, such as investigating and remediating possible endpoint malware infections and mitigating e-mail borne threats such as spam and phishing
- Analyze activity trends in the Kinaxis environment using a mix of tools and analytical methodologies to hunt for threats not otherwise detected by configured security alerts.
- Conduct threat scenario analysis to develop new use cases with relevant attack vectors, and develop attack scenarios in order to formulate hunting strategies to identify the presence of threats that are going undetected by existing security controls.
- Contribute to the tuning and development of SIEM use cases and other security control configurations to enhance threat detection capabilities
- Perform in-depth investigation of events of interest identified during threat hunt activities or security alerts received from various security technologies as per defined investigation and response procedures.
- Participate in IT Risk & Security assessments and assist with developing information security strategies and appropriate policies.
- Provide guidance on ways to mitigate risks, strengthen defenses and reduce vulnerabilities.
- Collaborate across the company to ensure information security risks in both ongoing and planned operations are properly considered and that all compliance matters are being adhered to as required.
- Monitor information security trends and evolving technologies and keep senior management informed about related information security issues and implications for the Company.
- Understand potential and emerging information security threats, and vulnerabilities and communicate this information to appropriate team members throughout the Company on a timely basis.
- Participate in the Security Incident Response Process
- Train users and promote security awareness to ensure system security and to improve server and network efficiency.
What we are looking for
- Bachelor’s degree in Information Security, Computer Science, Information Management Systems, or relevant work experience
- Minimum 2 years of experience as a SOC analyst or incident responder
- CISSP, CCNA Security, Comptia Security +, CISM, or GIAC certifications preferred
- Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, security operations, cloud security architecture, SEIM, operating system security, vulnerability and threat management
- Strong knowledge and deep understanding of complex network security principles / network concepts such as (gateway, http proxy, vlans, dmz, VPN, firewalls, etc)
- Strong knowledge and skill across operating systems such as (Windows, Linux, VMWare)
- Experience with authorization and authentication technologies such as SAML, OAuth, and OpenID
- Familiarity with Information Security industry standards/best practices and relevant regulations (e.g., SSAE16, SOC 2, PCI DSS, HIPAA, GLBA, FISMA, NIST, ISO27000, CobiT, ISF, OWASP, SANS)
- Analytical and investigative skills
- Strong written and oral communication skills
If you want to be part a team that challenges you, moves fast, improves constantly, and makes a difference, let’s talk.
Kinaxis invites candidates to apply to its welcoming community. Accommodations are available upon request for applications in all aspects of the recruitment process. If you require accommodation, please contact Human Resources at firstname.lastname@example.org