Senior Information Security Analyst

REI (Recreational Equipment Inc)

Sumner Washington

0 year(s)

Job Description
Senior Information Security Analyst



Posted Date: Mar-12-2021

Job ID: 19547

Job Type: Full Time

Job Function: Information Technology

City: Sumner

State: Washington

Store: HQ Employee At Sumner Distribution Center

Please visit the Covid-19 Hiring Updates before applying

What's cool about this job

Job Title: Senior Information Security Analyst

Location: REI; City: Sumner; State: Washington. Telecommuting within normal commuting distance of Seattle, WA is required, with at least monthly in-person meetings at Seattle-area REI offices.

Job Description: Responsible for evaluating the existence and effectiveness of information security controls across the Co-Op, using the REI common controls framework and related policies and standards as your guide. Understand and evaluate controls at a granular level, leveraging your technical background and auditing expertise to uncover potential gaps and areas in need of improvement. Report on findings and make recommendations that both address the security needs as well as help the business remain nimble and customer focused. Maintain and update the REI common controls framework, as needed, as technologies evolve and the business changes over time. Work with other Information Security functions such as Cybersecurity Threat Management, Third Party Risk Management, and Data Privacy to incorporate their needs within the REI common controls framework and related policy and/or standards. Lead risk based and security analysis to administer and maintain, proactively identify issues/gaps and lead initiatives to improve overall Information Security function, ensuring access rights are maintained and risks remains low in changing business requirements and changing risk and threat landscape. Monitor changes to information security overall and proactively identify the need for changes to existing policies and procedures based on changes to the risk landscape. Ensure compliance with all applicable internal and external Information Security requirements through coordination of internal and external resources. Proactively identify and lead to resolution issues/gaps and redundant procedures based on changing business requirements and changing risk and threat landscape. Demonstrate awareness of all information security trends, vulnerabilities, including and especially those influencing the retail and E-commerce industry. Consult with client and development area management and staff in the design and implementation of new or modified information security processes. Model and act in accordance with REI’s guiding values and mission. Telecommuting within normal commuting distance of Seattle, WA is required, with at least monthly in-person meetings at Seattle-area REI offices.

Bring your passion and expertise

Job Requirements: Bachelor’s degree in Computer Science, Information Management, Information Security, or a closely related field, or the foreign degree equivalent; and 5 years of progressive, post-baccalaureate experience performing information security analysis, including the following: 4 years interpreting cybersecurity laws and regulations and defining requirements for internal consumption; 4 years assessing cybersecurity maturity and providing recommendations based on industry frameworks such as NIST or ISO 27001/27002; 4 years evaluating security artifacts such as SSAE16, SOC1/SOC2, AOC, or similar for internal control environment effectiveness of 3rd party vendors; 3 years assessing vulnerabilities and/or security control gaps across all control domains/families utilizing vulnerability assessment practices and related technologies; 3 years developing and customizing IT controls frameworks for internal consumption; 3 years customizing and managing a GRC platform; 3 years assessing and reporting on effectiveness of security controls; 2 years managing vulnerability identification technologies; 2 years helping develop and maintain a security awareness training program; and 2 years in creating and/or maintaining cybersecurity policy documentation. Experience may be gained concurrently.

Job # REI01302021

At REI we offer an enviable work environment that Fortune Magazine has recognized on the "100 Best Places to Work" list since the award's inception – 23 years in a row! Sure, we work hard, but it’s balanced with time off to play—a strategy that works for us as we continue to grow and thrive. Want to enjoy a workplace where you can be yourself, be heard and be respected while having a job that challenges you? This is the place.

With more than 160 retail locations (and growing), REI offers unique competitive benefits to its more than 15,000 employees, including healthcare, gear and apparel discounts, free equipment rentals and challenge grants to help employees reach personal outdoor goals, generous retirement plan contributions, public transit subsidy, adoptions assistance, paid sabbaticals, and more.

REI is an Equal Opportunity Employer


Back to job search