Skip to main content

This job has expired

Information Security Analyst

Employer
The Washington Post
Location
Washington, DC
Closing date
Dec 22, 2019

View more

Industry
Security
Function
Analyst, Security Engineer, IT
Hours
Full Time
Career Level
Experienced (Non-Manager)
Send job

Job Details

Application Instructions

Please list all professional experience and explain any gaps in employment history.

Job Description

The Washington Post was named the #8 Most Innovative Company in the world by Fast Company in 2018 and maintained our title of #1 Most Innovative Media Company - an award reflective of our dedication to transformation, integrity and quality. We are combining our agile, high-performance engineering team with 138 years of world-class journalism to deliver quality content and innovative experiences. We offer an array of products and services including The Washington Post newspaper, The Washington Post app, Washington Post Classic app, washingtonpost.com, WP BrandConnect, Washington Post Live events and Post TV, yet our approach is always the same- shape ideas, redefine speed and take ownership. Every employee, every project, every day.

The Washington Post is seeking an Information Security (InfoSec) Analyst who will conduct technical activities aimed at preventing and responding to cyber incidents, developing and implementing new cyber-security processes and policies, along with advising the company on a wide variety of information security issues, concerns, and problems. This InfoSec Analyst will conduct incident triage, analyze severity of incidents, and resolve them with assistance from other teams as required.

Responsibilities:
  • Work with InfoSec leadership to draft, edit, and update Washington Post cyber policies.
  • Coordinate across the Engineering Department for internal and external audits of IT General Control processes, ISO framework and internal policies.
  • Develop, maintain and report on Key Performance and Risk Indicators
  • Attain PCI DSS certification to perform audits and complete Self-Assessment Questionnaires (SAQ).
  • Perform re-audits and evaluations to ensure compliance with proper internal control policies and procedures. Work with Engineering to remediate the gaps.
  • Conduct legal reviews of vendor and customer contracts to validate or negotiate DPIS terms and conditions.
  • Provide recommendations for security controls and ensures remediation of any deficiencies.
  • Administer company phishing and security awareness training campaigns using KnowBe4.
  • Engage in continuous process improvement. Incorporate automation where possible, ensuring efficiencies and a properly controlled operational environment.
  • Assist developers, users, and other internal staff to establish and maintain secure and reliable information systems at The Washington Post.
  • Review requirements statements, feasibility analyses, operating procedures, and other documents produced during systems development processes to ensure appropriate security measures are included.
  • Educate and advise others regarding the application of information security policies, standards, and other requirements to specific information systems.


Core Requirements:

EDUCATION - Bachelor's degree preferred; focus in computer science or related technical field preferred.

EXPERIENCE - Minimum of 2 years of relevant professional experience required.

CERTIFICATION - Relevant certifications a plus.

Preferred Experience & Skills:
  • 2 or more years' experience working on InfoSec compliance and policy-related initiatives required.
  • Background in ISO-27001 certification programs and processes a plus.
  • Knowledge of GDPR requirements and privacy policies desired.
  • Experience reviewing DPIS legal terms and conditions a plus.
  • Demonstrated knowledge of risk management and risk assessment tools / techniques.
  • Demonstrated analytic, problem solving, and root cause analysis skills with the ability to think quickly, remain calm under pressure, and work with others in a client-oriented environment.
  • Must be a self-starter.

Company

Thank you for your interest in a career with The Washington Post. We invite you to review all of our open positions to find the one that's right for you. We look forward to receiving your resume!


Since it first began publication more than 130 years ago, The Washington Post has grown into one of the most storied and respected news organizations in the world. A subsidiary of The Washington Post Company, today's Post is the indispensable guide to Washington. In print, we enjoy the highest penetration of any major metropolitan newspaper in the United States. On the web, we have the third largest news website with 17 million unique visitors each month, and have recently launched a celebrated news app for the iPad. We serve Washington in all media, on any platform, including paid products, events, and tailored content.

More broadly, The Washington Post Company delivers quality products to today's students, readers and viewers. What unites our company is the immediacy of our products and services, created by teachers and tutors at Kaplan; reporters and editors at our media properties; and associates at Cable ONE.
Washington Post Media views its employees as its most valuable asset and provides a comprehensive benefits package to promote healthy and balanced lives at work and at home. We offer competitive salaries, opportunities for training and career advancement and an outstanding, progressive benefits package including:
Health and dental benefits
Flexible healthcare and dependent care spending accounts
401(k) and company-funded cash balance plan
Life and disability insurance
Tuition reimbursement
Adoption assistance
Domestic partner benefits
Employee assistance program
Employee referral program
 

Company info
Website
Location
1301 K Street, N.W.
 Washington
DC
20036
US
Send job

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert