Information Security Analyst
About the job
The Red Hat IT team is looking for an Information Security Analyst to join us. In this role, you will analyze and validate security controls, policies, and procedures to ensure requirements necessary to protect Red Hat and our business processes are adequately addressed. You'll ensure company information security policies, procedures, and standards support those missions and business processes. Successful applicants must reside in a state where Red Hat is registered to do business.
What you will do
- Implement information security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed
- Analyze and report on organizational information security posture trends
- Coordinate and conduct vendor risk assessments to ensure alignment with third-party risk management security standards
- Recommend mitigation of security deficiencies identified during security or certification testing and recommend risk acceptance to the appropriate senior leader or authorized representative
- Work with stakeholders to resolve information security vulnerability mitigation and compliance
What you will bring
- Proven history of working in a position of trust
- Ability to work as part of a globally distributed team using multiple communication methods to facilitate collaboration (e.g., chat, voice, video, email)
- Excellent logical thinking skills and a passion for solving challenging problems
- Excellent written and verbal communication skills to convey information effectively and professionally to a wide variety of technical and non-technical audiences
- Knowledge of risk management processes, including methods for assessing and mitigating inherent and residual risk using STRIDE or similar methodologies
- Knowledge of industry-standard and organizationally accepted analysis frameworks and certifications like NIST CSF, CIS, ISO 27001, SOC 2, PCI-DSS, and FedRAMP
- Knowledge of information security defense and vulnerability assessment tools and their capabilities, including Intrusion Detection System (IDS), Intrusion Prevention System (IPS), security information and event management (SIEM), events per second (EPS), and vulnerability management
- Knowledge of privacy principles, laws, and regulations like GDPR and CCPA
- Industry certifications like Security+, Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP), or working toward professional membership in this field, are a plus
About Red Hat
Red Hat is the world's leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies. Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.
Benefits
- Comprehensive medical, dental, and vision coverage
- Flexible Spending Account - healthcare and dependent care
- Health Savings Account - high deductible medical plan
- Retirement 401(k) with employer match
- Paid time off and holidays
- Paid parental leave plans for all new parents
- Leave benefits including disability, paid family medical leave, and paid military leave
- Additional benefits including employee stock purchase plan, family planning reimbursement, tuition reimbursement, transportation expense account, employee assistance program, and more!
Note: These benefits are only applicable to full-time, permanent associates at Red Hat located in the United States.