Associate Director, Security Analyst

Overview:

Founded in 1988 and headquartered in Atlanta, Trimont (www.trimont.com) is a specialized global commercial real estate loan services provider and partner for lenders seeking the infrastructure and capabilities needed to make informed, effective decisions related to the deployment, management and administration of commercial real estate secured credit.

We do this with a team of 400 extraordinary employees who serve a global client base from offices in Atlanta, Dallas, Kansas City, London, New York and Sydney. We empower our skilled global teams by equipping them with the necessary knowledge and advanced technology, as well as fostering a culture driven by values. This approach helps our teams excel and build meaningful client relationships, while providing the highest quality service and feeling proud of the work they do.

Trimont is an innovative firm where visionary professionals come to learn, grow, and thrive with colleagues driven by curiosity and collaboration.

Learn: We believe ongoing learning is critical and are focused on providing a work environment where individuals can take ownership of their careers.

Grow: We work alongside the largest institutional lenders in the world, overseeing the most significant projects in the industry. This unique opportunity allows us to broaden our skillset and develop our abilities by tackling some of the industry's most challenging and exciting endeavors.

Thrive: Our firm is a place where ethics and excellence meet to create an experience that matches our capabilities. There are no limits to what you as an individual, and we as an organization, can achieve together.

Job Summary:

This position plays a vital role in keeping Trimont’s proprietary and sensitive information secure while supporting adherence to the company security policies. Key to the success of this role is working to identify, assess, and remediate possible security risks in the company’s security systems, solutions, and programs while recommending specific measures that can improve the company’s overall security posture.

Responsibilities:

• Partner closely with our Security Operations Center as a Service (SOCaaS) on all relevant activities
• Investigate anomalous activity, suspect actions, and possible security breaches
• Complete the security component of the company’s third-party vendor assessment and monitoring program
• Respond to security audit requests to include internal (TISP) as well as external audits (SOC 1/SOC 2, CSP)
• Assist with client information security audits and client security questionnaires
• Coordinate vulnerability reviews to include vulnerability scans and PEN testing; address findings with the relevant department for full remediation and create reporting
• Drive the Monthly Termination Review and semi-annual User Access Review (UAR)
• Support the Security Awareness Training (SAT) program to include coordinating ongoing user training and threat campaigns
• Assist with overseeing any incidents and writing up incident reports
• Review and research alerts received (DLP, Encryption) and recommend configuration/system change if relevant
• Ensure the Incident Response Scenario (IRS) Playbooks are updated and tested annually
• Coordinate the completion and reporting of quarterly Firewall Reviews and Unauthorized Device scans
• Assist with periodic compliance reviews to ensure users are following security policies and procedures
• Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and follow policies and audit requirements
• Monitor effective completion of security patching for servers and user systems
• Assess and partner with technical teams on Identity Access Management best practices
• Provide insight into security controls for corporate technology projects
• Provide input into the information security policies, standards, and procedures taking into consideration security risk
• Stay up to date on security trends and recommend proactive changes to address evolving threats and risks to the organization or our clients

Required Qualifications:

• Bachelor's degree in computer science/related field or comparable certification (CompTIA Security , CISM)
• 3 years’ experience in information security or related fields
• Knowledge of security-based models, frameworks, and regulations (ISO, NIST, GLBA, AUB, EU Data Protection Regs, GDRP, CCPA)
• Knowledge of industry-standard hardware, software, and operating systems
• Experience with computer network penetration testing techniques and scanning tools
• Understanding of firewalls, Security Information Event Management (SIEM), patching, Single Sign On (SSO), Identity Access Management (IAM), Data Loss Prevention (DLP), Multi- Factor Authentication (MFA), and antivirus concepts
• Excellent communication skills, including the ability to communicate effectively both verbally and in writing through presentations and individual discussions with all levels of the organization
• Analytical skills necessary to demonstrate a high level of problem identification, solving and conflict resolution
• Ability to manage multiple priorities with strong organizational, management, and decision-making skills

Trimont is an equal opportunity employer, and we’re proud to support and celebrate diversity in the workplace. If you have a disability and need accommodation or assistance with the application process and/or using our website, please contact us. Trimont is a drug-free workplace.