Security Analyst I (58273)

Overall Summary
: As a member of the Security Team, the Security Analysts are responsible for the management of the governance, risk, and compliance aspects of AAA Northeast.
The Security Analyst provide security recommendations on projects across the Club and ensure that the Club stays compliant with its various regulations and standards.
Summary
: The Security Analyst I will support the identity management, risk management, audits, and compliance programs at AAA Northeast. Those programs align with various standards like NIST, PCI-DSS, as well as the AAA Cyber Security Standard and include the vulnerability, threat intelligence management, and identity management.

• Assist Security Analyst II and Sr. Security Analyst to maintain compliance with various IT standards and regulations by:

• Tracking compliance with the standards
• Documenting identified gaps between our current controls and the requirements and tracking the action
• Assisting external auditors with their assessment of the AAA Northeast compliance or security posture
• Updating dashboards for the management

• Actively participate in the vulnerability management process by:

• Collaborating with other teams to implement the relevant remediations
• Ensuring the vulnerability management process is followed-up
• Update relevant dashboards and status updates as suggested by the Security Analyst II and Sr. Security Analyst

• Support the Security Analyst II and Senior Security Analyst in risk management operations by:

• Collecting necessary documentation from third-party vendors
• Documenting security analysis of the risks and threats during projects and recommendations on the security controls needed to meet AAA Northeast security expectations and requirements
• Implementing regular and automated controls of the infrastructure as defined by the Security Analyst II and Senior Security Analyst

• Support Security Analyst II and Sr. Security Analyst with the identity governance and administration program:

• Setup user access review for various applications
• Follow-up on user access reviews with relevant owners and business lines
• Help collect, document, and track business lines needs around users and role accesses.

• Support Security Analyst II and Sr. Security Analyst with their interactions with Business Lines:

• Help collaborate with business lines during audits and security tests
• Help collect, document, and track business lines needs and specific risks to take into account in our risk management program

Qualifications
Education
: Associates in Computer Science, Business Analytics, or other related field
Bachelor's preferred
Experience
: 1+ years related IT experience, preference for information security or risk management
Skills

• Ability to travel domestically.
• Ability to work occasional off hours as well as part of a 24x7 on-call rotation

Technical Skills

• Understand key security vulnerability, risks, and threats concepts
• Ability to think analytically, communicate complex issues, and develop control recommendations
• General knowledge in security and one or more relevant areas of technical specialization; application development, change management, or operations
• Effective written and verbal communication skills with the ability to present control analysis and recommendations with clarity and professionalism
• Ability to work independently, set project goals, and achieve milestones with minimal direction
• Ability to work collaboratively, across teams, driving toward common goals, and working within standardized processes

Certifications Preferred
CompTIA Security+ or other entry level certification is preferred but not required. CompTIA Security+ will be required within one (1) year of employment.