Information Security Analyst

Learn what makes QTS a unique place to grow your career! (~~~)

The Information Security Analyst (ISA) , will be a contributing member of the Information Security Office (ISO) in the design, support, and execution of information security solutions and services using a risk based approach. The ISA will work directly with all QTS business units in support of maintaining and identifying opportunities to improve the information security posture of both QTS and its customers. The ISA will be an active participant in the daily execution of information security related compliance controls including monitoring, scanning, analysis, reporting, validation, and evidence archival. Where appropriate, the ISA will serve QTS and its customers in a consultative role as a corporate information security subject matter expert, SME. Prospective candidates will have solid and proven experience in information security and compliant controlled environments. Strong time management, organizational, and multi-tasking skills are crucial to ensuring success in this position.

RESPONSIBILITIES - Other duties may be assigned

• Provide technical, business, and information security analysis support in the design, development, and implementation of vulnerability management processes.

• Own and manage roles, groups and permissions within assigned information security tools.

• Organize and prepare various vulnerability scan result outputs and reports.

• Provide statistical reports to management on vulnerability remediation progress.

• Serve as primary contact for technical vendor management for assigned tools.

• Lead the execution, organization, verification, reporting, and evidence archival of User Access Certification campaigns.

• Coordinate multiple vendor and authoritative resource vulnerability notifications to aggregate a weekly internal notification to all QTS technical lines of business.

• Review and analyze daily audit reports for indications of possible information security incidents and indicators of compromise.

• Contribute to the management and scheduling of information security and compliance related vulnerability scans.

• Participate in the vulnerability management process through the review, analysis, validation, reporting, and evidence archival of remediation efforts.

• Provide advice on information security issues related to the systems and workflows at QTS to ensure internal security controls for the organization are appropriate and operating as intended to meet compliance requirements.

• Participate in information security incident response activation as necessary.

• Contribute to the performance of regular corporate risk assessments and business impact analyses.

• Provide information security advice and guidance to Corporate Lines of Business (LOBs).

• Assist management with the development and publishing of Information Security policies, procedures, standards and specifications.

• Participate in Corporate and Client facing audit engagements, as requested, to ensure QTS adherence to applicable standards and compliance initiatives (e.g. NIST, FedRAMP, PCI DSS, SOC I & SOCII, and others)

• Collaborate with QTS business units and law enforcement agencies to manage security vulnerabilities.

• Participate in the design, review, and support of information security solutions to reduce the Corporation's risk profile (e.g. Network/Host IDS, Vulnerability Scanning and Management, & Incident Response)

• Conduct security research towards keeping abreast of the latest information security issues; researching and reporting on security trends and emerging industry solutions.

BASIC QUALIFICATIONS:

• 4 year degree in computer science or related field or equivalent experience.

• Minimum of 5+ years in Information Security Services, IT audit, and/or Risk Management.

• Completion of at least one (1) security related certification (e.g. CISA, CIA, CFE, CISM,CISSP, SSCP, CEH, CIPP, GIAC or CBCP)

• Minimum of 2 years hands-on operational experience with a GRC platform, preferably Keylight GRC.

• Minimum of 2 years experience delivering on compliant controls related to PCI DSS, FedRAMP, or SOCII.

• Ability to travel up to 25%

• US Citizenship is required by law for this position due to federal customer contracts

PREFERRED QUALIFICATIONS:

• A thorough understanding of network and system based attack vectors.

• Solid understanding of information security related concerns in the deployment of firewalls, switches, routers, DNS, IDS/IPS, cloud infrastructure, and log management.

• Working knowledge of various compliance regulations and IT/security frameworks/standards (e.g. PCI DSS, HIPAA, FedRAMP, FFIEC, FINRA, ISO20000, ISO27000, ITILv3, NIST, SAS70).

• Knowledge of the Managed Services Provider industry is a plus

• Knowledge of Managed Security Services Provider industry is a plus

KNOWLEDGE, SKILLS & ABILITIES:

• Highly motivated, team oriented individual with excellent oral and written communication skills.

• Strong interpersonal skills to build/maintain ongoing business relationships with employees, vendors, and clients at all levels of an organization.

• A capacity to thrive in a dynamic environment where daily priorities can change frequently.

We conform to all the laws, statutes, and regulations concerning equal employment opportunities and affirmative action. We strongly encourage women, minorities, individuals with disabilities and veterans to apply to all of our job openings. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, or national origin, age, disability status, Genetic Information & Testing, Family & Medical Leave, protected veteran status, or any other characteristic protected by law. We prohibit retaliation against individuals who bring forth any complaint, orally or in writing, to the employer or the government, or against any individuals who assist or participate in the investigation of any complaint or discrimination claim.

The "Know Your Rights" Poster is included here:

Know Your Rights (English) (~~~)

Know Your Rights (Spanish)

The pay transparency policy is available here

Pay Transparency Nondiscrimination Poster-Formatted (~~~)

QTS is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to ~~~ and let us know the nature of your request and your contact information.

QTS Data Centers was built around the Core Values of Integrity, Character, and Trust. We prioritize family, faith and community involvement while leading with strong, honorable, and principled behavior. We started this journey in 2003 when our CEO, Chad Williams, purchased his first data center in Overland Park, KS. Humble beginnings that have led to 35+ data centers and growing. Recently privatized in a $10 billion transaction with Blackstone, one of the most notable real estate investments companies in the world, QTS is positioned to execute on a global expansion initiative and we are looking for the best and brightest to join our team.

At QTS, we're fearlessly leading the way by redefining what it means to be a data center provider. QTS is entrusted with providing world-class data center solutions to enterprises, government agencies as well as the largest and fastest growing technology companies in the world. We deliver a fully-integrated platform from top to bottom - one enabled by technology and world-class infrastructure. Simply put, we're innovating to stay ahead of the curve.

We are powered by people.

And we'd like to invite you to join us.

In addition to a variety of benefit packages, QTS goes above and beyond for our employees:

• Roth and Traditional 401(k) matching contributions with immediate vesting

• Every employee is bonus or commission eligible

• Generous PTO Accrual plus additional Paid Volunteer Days

• Paid Holidays Annually/Holiday compensation when worked

• Pet and Legal Insurance

• Q-Rest Sabbatical Program

• Q-Anniversary Service Award Program

• Parental Leave for primary and secondary caregivers

• Military Benefits Package

• QTS Charitable Matching Gift Program

• QTS Scholarship for Employee Dependents

• QTS Crisis Fund

• Wellness Program

• Tuition Reimbursement Program