Overview
Entegral is seeking a motivated, adaptable, career-minded teammate who would like to utilize their skill set in a thriving agile-methodology environment. We offer competitive career advancement opportunities, a comprehensive benefits package and promote a work-life balance. We're in search of talented people who are inspired by big challenges, driven to learn and grow, and dedicated to making a meaningful difference.
ABOUT THE ROLE
The Senior Security Analyst is part of the Entegral Security Team. This role is responsible for the organization's security posture and primarily responsible for performing security and risk assessments, validating risk remediation, and providing guidance to IT stakeholders. The Senior Security Analyst must be highly analytical, driven, organized, effective collaborator and communicator, who can translate technical requirements into common terminology, understand applicability of security requirements to IT systems, and can identify potential threats and translate into risk.
Want more jobs like this?
Get jobs delivered to your inbox every week.
ABOUT ENTEGRAL
Entegral is a SaaS business-to-business solution that enhances the customer experience from the moment after an accident to the completion of the claim. Entegral is an integrated software platform that enables communication and collaboration between tens of thousands of collision repair shops, insurance providers and other industry professionals around the world. Owned by Enterprise Mobility, the world's largest car rental provider and operator of the Enterprise Rent-A-Car® brand, Entegral complements the value of Enterprise's acclaimed Automated Rental Management System (ARMS®) software by increasing efficiency throughout the claims process.
We are a global organization that strives to provide an inclusive environment where all employees can thrive. Our products reflect the diversity of our team and we work to ensure that our products meet the needs of all of our customers. At Entegral, we recognize the value of diverse perspectives in everything we do and strive to ensure employees of all backgrounds feel empowered to voice their ideas and bring their authentic selves to work. We achieve these priorities through inclusive programs, benefits, and initiatives that are integrated into the fabric of how we work every day. We refine and challenge our Agile mindset through various communities of practice, days of development, and innovation days.
Our culture values diversity, engagement, and discovery and we welcome you to join our team.
WHAT WE OFFER
We are a remote-first organization with remote and hybrid employees aligned to flexible teams from office locations in California, Missouri, Wisconsin and the United Kingdom. Residents of the following United States are invited to apply for remote work opportunities, as these are the locations Entegral has business licenses: AZ, CA, FL, IL, LA, MD, MI, MN, MO, NJ, NV, NY, OH, OR, PA, TN, TX, VA, WA and WI.
Entegral is an equal opportunity employer committed to hiring a diverse workforce.
The compensation information below is provided in compliance with job posting disclosure requirements in New York.
Pay Range: [$130,300 - 162,000.00]
Actual base pay will depend on varying circumstances, including the position, location, individual qualifications, market finances, and other operational business needs. Depending on the position, compensation may also include bonuses.
Entegral also offers a benefits package including paid vacation, paid parental leave, sick leave, and flex days; medical, dental, and vision insurance benefits; dependent spending account, health savings account, life and disability insurance; fertility benefits, Employee Assistance Programs; profit sharing and 401(k) employer match.
Responsibilities
- Define, develop and implement capabilities to manage third-party cybersecurity risks.
- Provide guidance to help others understand the interrelationships between threats, gaps, and impacts in our system or application security.
- Lead the implementation and communication of recommended strategic solutions to situations, process or technology practices across IT and company
- Collaborate with others to lead the functional life cycle of security policies and programs; leads identification, communication and influence of security procedures impacting organizational change
- Research and interpret a wide range of complex security controls related to future concepts; collaborates across the company to influence designs and development of solutions
- Communicate solutions necessary for the protection of all information processed, stored, and transmitted by the Company
- Communicate and influence new security policies, frameworks and regulations into operational processes
- Apply advanced cybersecurity and privacy principles (relevant to confidentiality, integrity, availability, authentication, and non-repudiation) in multiple areas
- Lead the influence and consultation for the implementation of the Information Security strategy and planning of projects for the department, and company
- Highlight and advise of internal and external risks and context to educate users across the company to ensure they understand and adhere to security procedures and compliance requirements
- Lead and own documentation company wide and offer technical guidance to create, apply, and measure organizational policy, procedures, to meet security objectives in accordance with interpreted laws, regulations, and internal policies. Influences and communicates across the company to impact change
- Takes an active role in applying advanced methods to identify wide range, large and complex cyber threats, recognizing and categorizing types of vulnerabilities and mimicking threat behaviors to help with future concepts
- Participate in and conduct audits (internal, SOC2, etc)
Equal Opportunity Employer/Disability/Veterans
#LI-REMOTE
Qualifications
Required:
- Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future
- Minimum, high school diploma or GED
- Must be at least 18 years of age
- For flexible or full remote work from home positions, reliable high speed Internet connection and dedicated work space are required
- Must be located in one of the following locations: AZ, CA, FL, IL, LA, MD, MI, MN, MO, NJ, NV, NY, OH, OR, PA, TN, TX, VA, WA or WI
- 5+ years experience in Information Security domain
- 3+ years experience in IT Security Governance, Risk, & Compliance with direct experience performing risk assessments, assessing security controls, developing and drafting security remediation plans
- Heavy hands-on administrative experience with GRC tools, experience with Navex is a plus
- Solid knowledge of security industry standards such as PCI DSS, NIST 800-53, ISO 27001/2, and NIST CSF
- Solid knowledge of regional (state) and global (GDPR) privacy regulations
- Experience defining, developing and managing processes over third-party cybersecurity risks
- Experience in reviewing and completing security questionnaires
- Experience reviewing compliance and security reports (SOC2, ISO, etc.)
- Security-related certification such as CISSP, CISA, CISM, CRISC
Preferred:
- Bachelor's degree in Cyber Security, Computer Science, Computer Information Systems, Management Information Systems, or equivalent combination of education and experience is preferred
Qualified Candidates Should Also Possess:
- Proven experience in working effectively in cross-functional teams and the ability to establish, foster, and maintain relationships across the organization
- Advanced critical thinking, problem-solving and data analysis skills with excellent attention to detail
- Strong documentation, communication skills, and the ability to deliver formal and informal presentations to a diverse audience
- Knowledge of various IT systems and components related to a cloud native SaaS environment
- Knowledge of Information Security and Governance in a SaaS environment