What are the responsibilities and job description for the Sr. Information Security Analyst position at Kinsale Insurance Company?
Kinsale Insurance is looking for individuals who are passionate about security and technology. This Senior Information Security Analyst role will report to the Manager of Information Security and will help improve the security posture of the organization. Create, maintain, communicate, enhance, and monitor security policy, drive information security compliance, and manage risk across IT and the lines of business.
RESPONSIBILITIES :
Information Security Program Management
Maintain, report, and enhance enterprise vulnerability management processes and tooling
Facilitate the delivery of information technology audit compliance
Conduct risk assessments at the network, system, application, and vendor levels and assess results against policies, standards, procedures, industry best practice, and acceptable risk thresholds
Utilize risk management frameworks and control catalogs, such as the NIST Cybersecurity Framework (CSF) and CIS Critical Security Controls, as well as various audit processes to assess the organization's information security posture and make recommendations for improvement
Provide IT security requirements and guidance to IT and business stakeholders
Support delivery of the IT third-party risk management program
Manage, create, and update information security governance documentation
Prevention
Ensure employees receive initial and routine security awareness training; design and implement ongoing awareness activities
Design and deliver enterprise-wide internal phishing campaigns, and perform necessary data analysis for risk remediation
Identify security controls and formulate risk treatments plans to manage information security risks that fall outside of acceptable thresholds
Work with appropriate stakeholders to implement controls in alignment with IT governance documents
Create and review information systems security status, standards compliance, and deficiencies using key performance indicators, key risk indicators, and other metrics
Detection and Response
In coordination with information security team members, respond to IT security events, incidents, suspicious activity and / or alerts to prevent adverse impact to users, processes, systems, or data
Coordinate routine incident response tabletop planning activities and tests, including other areas of IT operations as appropriate
Coordinate routine disaster recovery planning, testing, and documentation
QUALIFICATIONS :
Bachelor's degree in computer science, technology, or related field preferred; equivalent experience will be considered
5 years of experience across one or more IT security domains
2 years of working with risk monitoring and tracking processes across a variety of security controls and driving remediation activities
2 years of experience working in an enterprise IT security, risk, or governance environment
Ability to balance appropriate information security controls with business risk tolerance
Experience with information security frameworks and control catalogs such as NIST CSF, CIS CSC, NIST 800-53, and ISO / IEC 27001 / 2
Experience with Sarbanes-Oxley (SOX) controls
Experience with U.S. state information security and privacy regulations such as NY Cybersecurity Requirements for Financial Services Companies, Virginia Insurance Data Security Act, and California Consumer Privacy Act is preferred
Detailed understanding of information security and compliance best practices
Ability to create reports and dashboards using commercial off-the-shelf tools such as MS Excel and PowerPoint
Excellent analytical and problem-solving skills
Strong communications (written and verbal) and collaboration skills
CISSP, CISM, CISA, or CRISC certifications are preferred
At Kinsale we offer the following great benefits :
Competitive salary with performance-based bonus opportunities
Single and Family Health, Dental and Vision Insurance plans with HSA funds contributed
Short-Term and Long-Term disability
Life Insurance
Matching 401(k) which starts on your first paycheck
Generous Paid Time Off and Holidays
Education dollars for training and certifications
Promotion from within the company with clear goals and developed career paths
Keep a pulse on the job market with advanced job matching technology.
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution.
Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right.
Surveys & Data Sets
What is the career path for a Sr. Information Security Analyst?
Sign up to receive alerts about other jobs on the Sr. Information Security Analyst career path by checking the boxes next to the positions that interest you.
