Sr. Information Security Analyst Job Description
We are more than a specialty finance company providing debt recovery solutions for consumers. We are a global team of over 4,000 employees whose daily mission is to empower consumers to begin their path towards financial recovery and build a better life for themselves and their families. We know that the only way to support this mission is by hiring exceptional people who bring a diversity of ideas, a collaborative spirit, and a passion for attaining breakthrough results. If you are results-driven, have a passion for helping others, and thrive in an innovative environment, this might be the right place for you!
The Senior Information Security Analyst provides expertise in the areas of cybersecurity system administration, production support, uptime monitoring, performance and effectiveness, as well as analysis of data from these systems and tools. This individual will be responsible for triaging alerts, investigating and responding to incidents, and implementing custom detections.
This role, at the senior level, brings a level of professionalism and business focus to effectively utilize and support multiple technologies focused on the network, system, and application levels of modern computing environments and manage related information security threats. Responsibilities include:
- Perform cybersecurity tool administration and production support of technologies and process used to enable a high degree of cybersecurity effectiveness
- Participate in technical design reviews, integration, testing, and documentation work
- Responsible for technical advisory to peer Information Technology teams
- Run vulnerability scanning tools, access administration technologies, intrusion prevention tools, firewalls, anti-malware, end point encryption and detection/response tools, as well as web application firewalls, logging, and security event and incident management technologies
- Apply system security administration principles to deliver effective solutions to application, database, operating system, cloud infrastructure, and embedded device administration
- Identify threats and develop suitable defense measures, evaluate system changes for security implications, and recommend enhancements, research, and draft cyber security process and run books
- Configure Windows and Linux host-based security as well as network and cloud-based security systems
- Observe, analyze, and respond to cybersecurity alerts
- Collaborative analysis and response with internal and external partners, vendors, and contractors
- Research security vulnerabilities and define and implement appropriate countermeasures
- Define and analyze KPIs and KRIs for cybersecurity tooling
- Continual optimization of cybersecurity tooling through continuous service improvement process
- Assist our Encore entities with achieving and maintaining compliance with various information security frameworks (i.e. NIST Cybersecurity Framework, FFIEC, ISO 27001, etc.) and with industry and government rules and regulations as they relate to IT/security (e.g. SOX, PCI DSS)
- 5-8 years’ experience identifying threats and developing appropriate protection measures
- Bachelor's degree or equivalent experience in Engineering, Computer Science, MIS, CIS or related field (or equivalent combination of experience and education)
- Experience operating/designing/implementing security solutions such as: Security Information and Event (SIEM)/ Log Management, Governance Risk Compliance (GRC), Identity Access Management, IDS/IPS, Vulnerability Management, EDR, MFA, Cloud Security, Content Screening, etc.
- IT administration experience with Unix and Windows OS, network infrastructure and operations, data storage and backup, middleware in a distributed computing environment, and /or database implementation and administration.
- Strong understanding of IT and security operations, enterprise networking, systems planning and architecture
- Ability to build relationships with, understand business needs of, and deliver demonstrable value to management and executive teams
- Outstanding verbal and written communication skills
- 8+ years’ experience in similar roles
- CISSP, CISM, CCSP, CCSK, CCAK, AWS, Azure, and O365 certifications highly desirable
- Experience working in a SOC environment
What We Offer
We understand the important balance between work and life, fun and professionalism, and corporation verse community. We strive to support your career aspirations and provide the benefits you need to live a more fulfilling life.
Our compensation and benefits programs were created with an 'Employee-First Approach' focused on supporting, developing, and recognizing YOU. We offer a wide array of wellness and mental health initiatives, support volunteerism, and environmental efforts, encourage employee education through leadership training, skill-building, and tuition reimbursements, and always strive to provide promotion opportunities from within.
All these things are just a small way to show our employees that we recognize their value, we understand what is important to them, and we reward their contributions.
Encore Capital Group and all of its subsidiaries are proud to be an equal opportunity employer and value diversity at our company. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application and/or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation at Talent@mcmcg.com.