security
Posted 16 hours agoSecurity Analyst III
at ONEOK
Tulsa, United StatesOn-site
Responsibilities
- Design and operate monitoring and improvement activities to ensure ongoing compliance with internal security policies and applicable laws and regulations Define and implement an ongoing security risk assessment program, which will define, identify, and classify critical information assets, assess threats and vulnerabilities regarding those assets and implement remediation plans where appropriate in certain security functions.
Requirements
- Collaborate with other information technology personnel to ensure solution designs have appropriate information security controls Assist in the information security awareness, training, and educational activities for all personnel who have access to information assets Collaborate with delivery teams to design, develop, and implement secure solutions Education Bachelor's Degree in information technology, accounting, other related field, or an equivalent combination of formal education and the following job
- Experience in information technology, including significant security activities
- Experience developing information security and technology roadmaps
- Experience in a regulated sector. Familiarity with gas / utilities business processes
- Experience with key information security frameworks and governing bodies such as the International Organization for Standardization (ISO) and the National Institute of Standards and Technology (NIST)
Experience
- #WeAreONEOK – Fortune 500 company. 100+ years in business.
Additional details
- JOB SUMMARY Job Profile Summary Responsible for the design of certain security functions within the overall information security strategy, management system processes, programs, communications, and activities throughout the organization.
- Including but not limited to: Safeguarding organizational and customer information via design, implementation, and monitoring of security controls to prevent unauthorized access, exfiltration, and data loss Triaging Data Loss Prevention (DLP) events, investigating alerts, and tuning detection policies to prevent unauthorized data access, sharing, or removal Working closely with the Records and Information Management (RIM) team to drive alignment with data and records retention policies and procedures
- Contributing to other data protection and third-party risk security duties as assigned Essential Functions and
- Responsibilities Designs and refines certain functions within the information security framework that ensures confidentiality, integrity, and availability of information assets by protecting against unauthorized use, disclosure, modification, or loss Provides guidance for certain information security functions including developing process/technology roadmaps, determining appropriate organizational awareness activities, and advising senior management on changes in the technical, legal and/or regulatory
- Provide guidance of security risk assessments of third party relationships and associated corrective actions Assist in the information security incident response process and provide guidance to senior management related to incident escalation and resolution.
- Assist in the preventive monitoring of potential information security threats, investigation of alleged information security breaches and, if necessary, drive appropriate response to the breach Design, develop, implement, and maintain the identity and access management procedures to ensure proper user account provisioning.
- Experience researching, preparing, composing, recommendations, security documentation, flowcharts, standards, procedures, reports, and correspondence
- Experience interacting, advising, and communicating effectively