The Sr. IT Security Analyst is responsible for assessing information risk and facilitates remediation of identified vulnerabilities for IT security and IT risk across the enterprise. Assesses information risk and facilitates remediation of identified vulnerabilities with the Bank network, systems and applications. Reports on findings and recommendations for corrective action. Performs vulnerability assessments as assigned utilizing IT security tools and methodologies. Performs assessments of the IT security/risk posture within the IT network, systems and software applications, in addition to assessments within the Vendor Management Program. Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk scenarios. Facilitates and monitors performance of risk remediation tasks, changes related to risk mitigation & reports on findings. Maintains oversight of IT and vendors regarding the security maintenance of their systems and applications. The IT Security/Risk Analyst assists in all IT audits, IT risk assessments and regulatory compliance.

• Management of IT security and IT risk (e.g., data systems, network and/or web) across the enterprise.
• Address questions from internal and external audits and examinations.
• Develop policies, procedures and standards that meet existing and newly developed policy and regulatory requirements.
• Facilitate IT security/risk training curriculum.
• Serve as project manager/lead within IT security projects.
• Promote awareness of applicable regulatory standards, upstream risks and industry best practices across the organization.

This position requires regular, predictable and timely attendance at work to meet department workload demands.

• Bachelor’s Degree, Information Systems, Computer Science, Information Security or related field required.
• 7-10 years IT security or information security experience with a proven ability to engage with Senior Management and implement information security solutions.
• 4+ years experience in administering IT security controls in an organization.
• Thorough understanding of Information Security principles, frameworks, as well as industry standards & practices such as CIS and SOGP. Understanding confidentiality, integrity, and availability tried.  Experience with SOX, JSOX, ISO 27001, CTPAT, TISAX, or NIST a plus
• Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk.
• Experience with security tools such as SIEM, firewall, EDR, EPP, NDR, vulnerability management, Secure email gateway, and DNS filtering. Experience with Cisco security suites, Splunk, Palo Alto, Fortigate, and Rapid 7 a plus.
• Ability to secure and respond to threats in a multi-cloud environment including configuring and maintaining cloud security posture management.
• Strong understating of with Microsoft operating systems, Linux operating systems, Microsoft Azure, Google Computing Platform, and mobile devices. Experience with application security a plus.
• Experience with Data classification and data loss prevention.
• Certified Information Systems Security Professional (CISSP), or related certification.
• Project management skills preferred.
• Windows workstation and server administration experience preferred.
• Prior experience performing security reviews and risk assessments preferred.

The above statements are intended to describe the general nature of work being performed. They are not to be construed as an exhaustive list of all responsibilities, duties and skills required.

Benefits

Yusen offers a generous Employee Benefits Package including:

• Medical, Dental, and Vision beginning the 1^st of the month following start date
• 401k with a company match
• Flexible Spending Accounts, Life and Accidental Death & Dismemberment Insurance, Short & Long Term Disability, Tuition Assistance Program, Commuter Benefits, vacation, and much more.

Any and all benefits offered are subject to the eligibility requirements, terms, and provisions set forth in the respective policies and plan documents, which you may request from Human Resources.

About Yusen Logistics (Americas)

Yusen Logistics is working to become the world’s preferred supply chain logistics company. Our complete offer is designed to forge better connections between businesses, customers and communities – through innovative supply chain management, freight forwarding, warehousing and distribution services. As a company we’re dedicated to a culture of continuous improvement, ensuring everyone who works with us is committed, connected and creative in making us the world’s preferred choice.

www.yusen-logistics.com/

Yusen Logistics (Americas) Inc. values each individual employee and is committed to a diverse and inclusive workforce by providing equal employment opportunities for all applicants without regard to race, religion, color, sex, national origin, citizenship status, uniform service member status, age, disability, sexual and gender orientation, genetic information, or any other protected status in accordance with all applicable federal, state and local laws.

Los Angeles County Only: Yusen Logistics (Americas) Inc. will consider qualified applicants with a criminal history pursuant to the California Fair Chance Act. You do not need to disclose your criminal history or participate in a background check until a conditional job offer is made to you. After making a conditional offer and running a background check, if Yusen Logistics (Americas) Inc. is concerned about conviction that is directly related to the job, you will be given the chance to explain the circumstances surrounding the conviction, provide mitigating evidence, or challenge the accuracy of the background report. Find out more about the Fair Chance Act by visiting the Civil Right’s Department Fair Chance Act webpage.