Information Security Analyst
At FROSCH we empower our travelers with sophisticated cutting edge technology. FROSCH has an opportunity for a full-time Information Security Analyst to join our team in the Houston office. We are looking for someone who is self-motivated, detail oriented and enjoys creative problem solving, to further advance and maintain our organizational security posture.
In this position, you will be responsible for handling the overall security program, including planning, project management, systems administration, security documentation and managing security compliance programs.
- Perform network and system security testing (threat hunting) to proactively identify security vulnerabilities and recommend / implement mitigation and remediation plans
- Work with the business and management to analyze current and emerging security risks and recommends security solutions and changes
- Participate in IT projects, such as security audits, disaster recovery testing, cloud transformation, server updates, and new technology implementations
- Create and maintain existing security and procedural documentation
- Routinely check various log sources and network monitoring tools for indicators of a security incident, events and alerts
- Develop automated scripts and tools to handle and track vulnerability remediation efforts
- Conduct routine assessments for rogue or unauthorized wireless access points / devices
- Monitor industry sources for emerging security risks, defenses, and best practices.
- Understand and interpret internal and external system security requirements (e.g., network segmentation) and plan the implementation and support
- Provides after hours and/or on-call support for network, security, and associated platforms.
- Intrusion Detection and Threat Vulnerability management
- Data event correlation
- Vulnerability analysis
- Penetration and vulnerability testing
- Incident response
- After-hour and weekend availability
- Embody FROSCH Core Values at all times: Respect, Integrity, Excellence, Communication, Commitment and Delivering the Unexpected
- Travel and/or hospitality experience preferred, but not required
- Experience with developing and executing security vulnerability test plans and procedures.
- Knowledge of penetration attack strategies for web services, databases, networks, basic forensic tools, and cryptography principles
- Experience in a PCI/DSS Compliant environment
- Knowledge of or experience in the following: SOC, ISO, GDPR, Privacy Shield, BCP/DR
- Minimum 3-5 years of experience in an information security role
- Bachelor’s degree in Computer Science or related field
- Hands on or working knowledge of the following:
- Security Administration tools (Firewalls, SIEM, Vulnerability Scanning, Anti-virus, Multi-Factor Authentication, DLP, Password Management, Wireless Access Points)
- Specific experience with Juniper Firewalls, Meraki WAP, Barracuda WAF, Symantec Endpoint Protection, DUO MFA and/or McAfee SIEM is a plus.
- Drafting organizational security and procedural documentation
- Hosted/Cloud Computing
- Management of a virtualized environment
- Opportunity to make a difference in a growing global company
- Strong collaborative environment
- Medical, Dental, and Vision benefits plus 17 supplemental benefits
- IATA and LifeMart benefits
- Gym Reimbursement
- Continued Industry Training
- Employee Recognition Program