Bi-State Development Information Security Analyst III in St. Louis, Missouri

Job Description


The Information Security Analyst provides leadership and direction for the planning, architecture, operation and monitoring of all IT security programs with an emphasis on PCI compliance. This role seeks to protect against the unauthorized access, modification, or destruction of Bi-State Development’s systems and information assets. On an on-going basis, this position will manage all activities across Bi-State Development (BSD) to ensure ongoing data security and validation with current security standards.

Essential Outcomes:

  • Assess and document security controls and vulnerabilities for data and user access across all BSD systems. Plan for mitigation and improvements utilizing best practices and current standards.
  • Monitor change control systems for system and network modifications and ensure they meet and maintain security standards.
  • Perform basic computer forensics as needed.
  • Evaluate, implement and maintain vendor supplied security hardware components & software packages.
  • Perform diagnostics for security problems and identify and analyze security risks.
  • Coordination of security assessments with internal audit and external vendors.
  • Identify and investigate security breaches and fraudulent activity within BSD systems.
  • Develop, maintain and manage PCI compliance program and other security initiatives. Develop project plans and execute efforts as necessary.
  • Develop security awareness and training programs for IT and employees who work with sensitive data.
  • Assist in the creation and management of IT Security and PCI Compliance policies, standards, procedures, and guidelines
  • Work with confidential information obtained through security scans and assessments of BSD systems.
  • Report status and progress on efforts to management as necessary. Required Skills

  • Knowledgeable with PCI Compliance standards and assessments.

  • Familiarity with network and application security including firewalls, VLANs, routers, switches, Linux and Microsoft Windows and VMware operating systems, Oracle and Microsoft SQL Server databases, ecommerce, PCs.
  • Key understanding of core Information Security Areas (ID & ACCESS Management, Threat & Vulnerability Management, Information Risk & Governance, Network and Application Architecture, Incident Response, Security Strategy).
  • Hands-on experience with designing, implementing and managing a enterprise-wide security program.
  • Seven+ years of experience in Information Technology. At least 4 years’ work experience in security systems and PCI compliance management.
  • Completion of one of the following recognized professional certifications: QSA (Qualified Security Assessor), CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), SSCP (Systems Security Certified Practitioner), Certified Ethical Hacker (CEH). Required Experience

BS/BA or equivalent experience required. Master's degree preferred.

A minimum of seven (7) years experience in Information Technology or a related field.

Tracking Code: 292256-713

Job Location: St. Louis, Missouri, United States

Position Type: Full-Time/Regular