INFORMATION SECURITY ANALYST

We’re the obstacle overcomers, the problem get-arounders. From figuring it out to getting it done… our innovative culture demands “yes and how!” We are UPS.  We are the United Problem Solvers.

ABOUT INFORMATION SECURITY AT UPS TECHNOLOGY:

The Information Security Analyst participates in the identification, tracking, and monitoring of information security threats and service operations. They'll utilize established processes and tools to focus on incident response, threat identification, analyses, and remediation.  This position participates in the implementation and integration of risk management procedures.  They'll support the processes for technical and physical risk management to protect UPS’s information assets.  This position assists with the development and maintenance of business continuity planning, data, systems, and network security for systems and controls related to their job duties.

ABOUT THIS ROLE:

This INFORMATION SECURITY ANALYST “Security Officer” role is responsible for approving and monitoring user access for healthcare-validated applications (including oversight of user provisioning & user role management).  Additionally, this position is responsible for performing periodic user access reviews and enforcing segregation of duty (SOD) requirements. You will:

• Review, approve and assign user access requests that are submitted via access provisioning request portals (SailPoint, ID Portal, APRS), and email
• Perform periodic access reviews of various supported applications (approx. 25), ensuring enforcement of the principle of least privilege
• Ownership of User Access Administration Work Instructions for approximately 12 applications, which are controlled documents in the Quality Management System
• Assist in examination of internal controls to determine design and operational effectiveness
• Assist with remediation of control deficiencies identified during audits
• Support IT compliance programs to ensure we are aligned with UPS organizational, regulatory, and risk obligations (including HIPAA and FDA 21 CFR 11 regulatory requirements)
• Establish and maintain information security and compliance metrics that are meaningful and actionable
• Responsible for monitoring and managing information technology processes in relations to user access provisioning to ensure compliance with GMP (Good Manufacturing Practice), SSAE16 controls (Service Organization Controls Audits), UPS Information Use and Security Compliance Manual, and UPS Standard Practice Manual.

MINIMUM QUALIFICATIONS:

• Minimum of 2 years of work experience in IT compliance or IT audit or Information Security
• I.T. Auditing fundamentals
• Information Security Controls
• Privileged Access Management
• Attention to Detail
• Effective Communication
• Project Planning
• Access Control Analysis
• Auditing Controls
• I.T. General Computer Controls
• Privileged Access Management
• Ability to follow detailed procedures and processes with a high degree of accuracy
• Possess the ability to multi-task and adjust to shifting priorities
• Possess strong verbal and written communication skills, as well as strong planning skills
• Ability to solve complex problems in a timely manner by working with multiple stakeholders
• Ability to work with moderate supervision

 PREFERRED QUALIFICATIONS:

• Must have a Bachelor's degree in Computer Science or Information Security or 2 years Information Security experience
• Familiarity and understanding of Information Security Management frameworks such as COBIT, NIST CSF or ISO 27001 is a plus
• Experience with data extraction using SQL, Microsoft Access or other tools is a plus
• Proficiency with Microsoft Excel and SharePoint is a plus
• Experience with FDA 21 CFR 11 compliance and Good Documentation Practice (GDP) is a plus

This position offers an exceptional opportunity to work for a Fortune 50 industry leader. If you are selected, you will join our dynamic technology team in making a difference to our business and customers. Do you think you have what it takes? Prove it! At UPS, ambition knows no time zone.

UPS is an equal opportunity employer. UPS does not discriminate on the basis of race/color/religion/sex/national origin/veteran/disability/age/sexual orientation/gender identity or any other characteristic protected by law

Founded on a $100 loan in 1907, 2 teenage boys opened up a messenger service in a 6 by 17 foot office located just below the sidewalk on Second Avenue and Main Street in Seattle, WA. Messengers ran errands, carried notes, hand baggage, and delivered trays of food for customers. They also delivered packages, traveling by streetcars and bicycles for longer trips, and later using motorcycles.