IT Operations - Security Analyst

Position Overview

Security Analyst position will take ownership of and facilitate the processes around software security assessments, approvals, spend requests, website URL whitelisting, and deployment requests. Annalect has hundreds of unique software solutions that drive our business where each needs to be evaluated and reviewed for risk prior to use. From new software use requests to annual reviews and renewals, this position is critical in ensuring a safe computing environment for our end-users and clients.

This position will partner closely with our parent company who conducts the software risk assessments with vendors and makes many of the approval decisions within the workflow. You will be involved in tasks from assessing software requests against others already in use to tasks administrative in nature such as following up on requests to external entities.

The ideal candidate will thrive in a work environment that requires strong problem-solving skills, critical thinking, and independent self-direction, coupled with an aptitude for team collaboration and open communication. They have a great understanding on how software works, the value it provides to end-users, the nuances and uniqueness to each solution, and the risks associated with introducing new software into an organization. This is someone who can be collaborative, strategic, and innovative, as well as excellent at tactical implementation and operational excellence.

Key Responsibilities:

• Maintain a strong customer service focus and drive.
• Manage and perform tasks related to software security assessments.
  • Vendor research (reviewing internal resources, vendor websites/documentation, and interviews with end-users and vendors) to obtain information needed to successfully proceed with the software request.
  • Identify workflow steps required based on request and business rules.
  • Create and update tickets to software (vendor) risk assessment teams.
  • Manage and track all sub-process tickets and approvals.
  • Create and update tickets to software (vendor) spend approval teams.
  • Update all internal software records (results of risk assessment, spend approval, end-user licensing, renewal dates, etc.).
  • Ensure yearly renewals are facilitated if continued use is needed.
• Manage and perform tasks related to deploying software to end-users that allow other teams to successfully install and / or provide the software to end-users via self-service methods.
  • Learn and understand software requirements and how the software is installed if applicable.
  • Create and update ticket requests to software deployment teams.
  • Create knowledgebase articles for the Service Desk to follow to facilitate end-user manual install of software if applicable.
  • Facilitate process if new versions of software are released from vendor that have already been onboarded.
• Manage and perform tasks related to end-user requests to allow access to a currently blocked website.
• • Capture and understand end-user business case for requiring access to blocked website.
  • Create and update ticket requests to appropriate teams to obtain risk acceptance approval and to facilitate the unblocking of the site for identified users.
• Ensure yearly renewals are facilitated if continued use is needed.
• Track requests and update internal systems as needed.
• Follow-up with task owners to ensure request continues to move through workflow.
• Meet SLAs and deadlines.
• Communicate routinely with business stakeholders and leadership to ensure a shared understanding of progress is achieved including what is complete, incomplete, risks to escalate and impact on the delivery plan.
• Ensure all tickets are updated with latest information and all appropriate parties are updated on requests.
• Collaboration with multiple teams including GRC, IT, and Procurement.
• Monitor and assist with software renewals.
• Comply with policies, procedures and controls related to Sarbanes-Oxley, ISO27001, and other regulatory frameworks.
• Quickly and accurately determine request scope and impact ensuring that proper escalation is handled appropriately if needed.
• Create and update appropriate knowledgebase support documentation for your assigned duties.
• Other duties as assigned.

Required Skills

• 3-4 years’ Experience
• Associate Degree in Security Management, Computer Science, Information Systems or 2+ years equivalent experience.
• Strong work ethic and proactive customer service orientation.
• Strong communication, time and task management skills.
• Experience working in an environment with an outsourced Service Desk team.
• Experience working with end-users, vendors, and/or supporting teams via email, instant messaging, or virtual calls.
• Experience taking ownership and facilitating a complex business process from start to end.
• General experience working with various software solutions utilized in a business environment.
• Knowledgeable on software installs for both MacOS and Windows devices.
• Experience working in ticketing systems such as ServiceNow.
• Experience with Microsoft Office software including Excel and Teams.
• Ability to present technical information in easily understood terms in both verbal and written form.
• Ability to work under and meet deadlines.
• Comfortable working in a fast-paced, start-up like environment