Security and Compliance Analyst

SECURITY AND COMPLIANCE ANALYST LOS ANGELES, CA 12 MONTH CONTRACT

Did you know that CompuCom's employee benefits start on the first day of employment? Join COMPUCOM and enjoy our generous, DayOne Benefits(SM)!

The Security & Compliance Analyst will assist and support the management of the IT Information Security and Compliance Programs and internal controls related to regulatory requirements for SOX, PCI, HIPAA, and C-TPAT. The Security & Compliance Analyst will work closely with other IT and business partners to ensure and facilitate continuous compliance with enterprise information security policies, standards, and procedures. The Analyst will ensure the confidentiality, integrity, and availability of information assets. The candidate will provide technical leadership in support of implementing, maintaining, monitoring and troubleshooting a broad range of security infrastructure and will serve as the technical information security subject matter expert to assist teams in the development and implementation of secure business solutions. The Analyst will provide technical direction and support to more junior members of the Security & Compliance team and to other IT teams who require security expertise.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Security Operationsperiodic review of Firewall rules and access control lists
- Consulting, advising, and approving secure network design and architecture; documenting and keeping up-to-date network diagrams

Threat/Vulnerability Management

- Monitoring threat/vulnerability landscape and security advisories
- Performing threat/vulnerability assessments and periodic internal/external vulnerability scans on inventory of corporate assets to evaluate the security configuration of systems
- Recommendation of appropriate measures to remediate vulnerabilities such as patching
- Implementing controls to mitigate risk and ensuring secure configuration of systems
- Periodic port scanning to search for remotely accessible network ports and services that are vulnerable to exploitation and identifying any new unauthorized listening network ports

Policy Compliance and Configuration Management

- Maintains an asset inventory of hardware/software/systems/network devices and documenting configuration standards for each type of asset
- Ensuring and implementing secure configuration, security hardening, and policy compliance of all assets

Wireless Security

- Administration of Motorola Air Defense System (a wireless infrastructure management and intrusion prevention tool) to identify unauthorized wireless devices or configurations when they are within range of the organization's systems or connected to its networks
- Secure configuration of authorized hardened wireless clients, wireless access points, IPS sensors, and handheld devices

Regulatory Compliance, IT Governance,wireless technologies)
- Technical knowledge of operating systems (Windows, Unix, Linux) and databases (Oracle, SQL server, SQL queries)
- Required: Security Log Management and Monitoring

*CompuCom supports Employment Equity and Diversity*Dallas-based CompuCom Systems, Inc. is a leading provider of end-user enablement, service experience management, and cloud technology services to Fortune 1000 companies. CompuCom partners with enterprises to develop smarter ways they can work, grow and produce value for their business. Founded in 1987, privately held CompuCom has approximately 11,500 associates and supports more than 4 million end users in North America.