Senior Information Security Analyst
Red HatRed Hat is the world’s leading provider of enterprise open source solutions, including high-performing Linux, cloud, container, and Kubernetes technologies.
About the job
The Red Hat Information Security Governance, Risk and Compliance team is looking for an Information Security practitioner to join our team. The majority of your role would include ensuring that highly technical security controls and administrative controls are adequately addressed in all aspects of enterprise architecture. As you grow and feel more comfortable in the position, opportunities for automation of controls and major improvements to our Enterprise Security Standard will become a large part of the position. A technical background and a true passion for all facets of Information Security will ensure success in this position.
What you will do
- Ensure systems and architectures are compliant with the company’s Information Security Operating Guidelines and Enterprise Security Standard. Perform security reviews, identify gaps in security architecture, and develop remediation plans.
- Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment. Determine the security controls- that are required for information systems and networks to operate securely.
- Evaluate security architectures and designs for Software as a Service (SaaS) to determine the adequacy of security design and architecture proposed or provided in response to procurement requirements. Provide input on security requirements to be included in statements of work and other appropriate procurement documents.
- Develop and maintain relevant security policies, standards, and guidelines to address evolving security threats, best practices, and business needs.
- Develop and maintain positive working partnerships with stakeholders to maximize security outcomes while meeting business needs.
What you will bring
- Ability to work as part of a globally distributed team using multiple communication methods to facilitate collaboration (e.g., chat, voice, video, email).
- Excellent verbal and written communication skills to convey information effectively and professionally to a wide variety of technical and non-technical audiences.
- Knowledge of concepts of computer networking, Linux and other operating systems
- Basic knowledge of Kubernetes or other container management systems,
- Knowledge of public cloud providers such as AWS, Azure, and GCP, and their corresponding security concepts and methodologies.
- Basic knowledge of industry-standard and organizationally accepted analysis frameworks and certifications such as NIST CSF, CIS, ISO 27001, SOC 2, PCI-DSS.
- Knowledge of information security defense and vulnerability assessment tools and their capabilities, including IDS, IPS, SIEM, EPS, and vulnerability management.
- Knowledge of cryptography and cryptographic key management concepts.
- Knowledge of network access, identity, and access management such as public key infrastructure, Oauth, OpenID, SAML, and SPML.
Preferred, but not required skills:
- Industry certifications such as Linux+, CISSP, CISA, or Security+ would be highly regarded.
- Familiarity with ServiceNow’s Policy & Compliance module, Vendor Risk Module and Vulnerability Response Module.
- Knowledge of risk management processes, including methods for assessing and mitigating inherent and residual risk using STRIDE or similar methodologies.
- Knowledge of privacy principles, laws, and regulations such as GDPR and CCPA.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation AWS Azure CCPA CISA CISSP Cloud Compliance Cryptography GCP GDPR Governance IDS IPS ISO 27001 Kubernetes Linux NIST OpenID Privacy Red Hat Risk management SaaS SAML SIEM SOC SOC 2 Vulnerability management
More jobs like this
Kyiv, Kyiv city, Ukraine … Kyiv, Kyiv city, Ukraine - Remote Full TimeSenior Senior-levelUSD 42K - 78K * USD 42K+ *
Junior Web Analyst for anti-malware product - Remote/WorkAnywhereCloud Linux Malware Privacy
Career development Flex hours Flex vacation Medical leave Unlimited paid time off
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Senior Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Security Operations Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Principal Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Specialist jobs
- Open Chief Information Security Officer jobs
- Open Ingénieur DevSecops H/F jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Infosec Risk Manager jobs
- Open Agile-related jobs
- Open Network security-related jobs
- Open C-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open DevOps-related jobs
- Open CISA-related jobs
- Open Security Clearance-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open Forensics-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open EDR-related jobs