Senior Information Security Analyst

Before you apply to a job, select your language preference from the options available at the top right of this page.

Explore your next opportunity at a Fortune Global 500 organization. Envision innovative possibilities, experience our rewarding culture, and work with talented teams that help you become better every day. We know what it takes to lead UPS into tomorrow—people with a unique combination of skill + passion. If you have the qualities and drive to lead yourself or teams, there are roles ready to cultivate your skills and take you to the next level.

Job Description:

Job Summary

The Senior Information Security Analyst will be an integral part of a team responsible for collaborating with application support and infrastructure groups to develop executable disaster recovery plans. This role involves close interaction and collaboration with these groups to provide guidance and expertise on best practices for reviewing and exercising disaster recovery plans.

As a trusted advisor, the Senior Information Security Analyst works with technology and business stakeholders to drive, track, and resolve all aspects of disaster recovery plans and compliance readiness. This role requires effective communication of compliance activity results, remediation efforts, and reporting to a broad audience, including peers and senior leaders.

The position demands maintaining current knowledge of developing technologies, and applications. Additionally, the Senior Information Security Analyst guides and trains colleagues to enhance their skill sets and knowledge.

The Senior Information Security Analyst reports to the Information Security Manager of the Risk Analytics and Compliance team within the Information Security Governance, Risk, and Compliance (GRC) department.

Responsibilities:

• Subject Matter Expertise: Acts as a subject matter expert on disaster recovery compliance.
• Exposure and Knowledge Building: Gains exposure to UPS information security and disaster recovery program and mission, focusing on building knowledge and experience in business continuity and disaster recovery (DR) services
• Compliance Understanding: Understands the disaster recovery compliance requirements within the UPS Standard Practice Manual
• Application Team Collaboration: Works with application teams to assist in developing complete and high-quality disaster recovery planning (DRP) assessments
• Strategic Planning: Engages in strategic planning to improve and mature the disaster recovery program
• Operational Support: Supports the DR program by performing operational activities, including developing understanding of DRP assessments and exercise assessment templates
• Training and Awareness: Manages training and awareness campaigns, design, develop, and executes IT disaster recovery awareness campaigns and associated training to ensure compliance and quality of materials produced
• Compliance Reporting: Generates reports on DR compliance metrics by performing daily system operational audits
• Issue Investigation: Investigates issues and escalates as appropriate to support effective resolutions
• Audit Checks: Conducts audit checks, reviews completed DRP assessments and exercise assessments, assigns risk based on assessment review findings, re-audits previously reviewed plans with assigned risks, and conducts review meetings with plan respondents to provide appropriate guidance
• Internal Customer Support: Assists IT teams in developing clear, concise, and executable plans for recovery to ensure resiliency, investigates recovery plan resiliency issues and gaps, escalates as appropriate, tracks and manages remediation of risks and deficiencies identified during audits, and provides guidance and best practices in planning for exercises
• Customer Inquiries: Handles internal customer inquiries and concerns received via emails, Teams, and phone calls related to OneTrust GRC platform, Disaster Recovery Plan Assessments, general DR policies, and DR best practices

Qualifications:

• Bachelors’ degree in Computer Science, Computer Engineering, Information Security, or related field
• 3 years’ experience in Information Security role and/or Information security certification e.g, CISA, CRISC, CISM, GSEC, CBCP - Certified Business Continuity Professional

Employee Type:
 

UPS is committed to providing a workplace free of discrimination, harassment, and retaliation.