Posted : Wednesday, May 01, 2024 01:26 AM
For more than 30 years, ECI Software Solutions has been providing industry-specific, cloud-based business management software and services to small and medium-sized businesses.
With divisions focused on manufacturing, wholesale/retail distribution, building and construction, and field service, ECI's solutions integrate into every aspect of a customers' business to help them level the playing field, run day-to-day operations more efficiently, and free them up to focus on what matters most.
It’s how business gets done.
Who is ECI? At ECI, our mission is to enable the entrepreneurial spirit of small and medium-sized business owners.
But ECI doesn’t simply deliver amazing software solutions; we also have an award-winning company culture.
• We offer competitive benefits focused on employee well-being, including paid volunteer time off! • We have been named by Achievers on its prestigious 50 Most Engaged Companies To Work For list for the last five years.
• We have received international recognition for our high levels of employee engagement through Certification as a Great Place to Work four years in a row.
• Our culture of creativity, innovation, and leadership has garnered over a dozen International Business Awards (Stevie®).
Come join a worldwide team with a strong culture of inclusion, professional development, and collaboration.
To apply for this position, please attach a detailed resume that demonstrates your qualifications and skill set pertaining to this position.
Applications without a resume will not be considered.
ECI delivers cloud-based business critical ERP, CRM and line of business applications to more than 20,000 customers across the globe.
The Information Security Analyst works as part of ECI’s Information Security team and will lead our cybersecurity assurance program.
The successful candidate will understand the security industry best practices and regulations as well as how to perform regular audits of ECI’s business procedures and processes to ensure security and compliance of systems we operate.
DESCRIPTION ECI is looking for an Information Security Analyst to work with our global Information Security Team to help expand and improve our cyber risk department.
At ECI, we understand that it takes an enormous effort and a lot of time to build customer trust in our products and services.
We work hard to earn and maintain that trust every single day by delivering products and experiences that really make a difference to the success of our customer’s business.
ECI’s Information Security Team, including this Security Analyst position, is critical to building and maintaining that trust.
Are you detail oriented? Do you communicate well in oral and written form? Can you collaborate with teams or individuals at all levels of a corporation? If so then this is a great job for you.
This position will capitalize on your current experience and security skill set while promoting and providing opportunities to expand your knowledge in many other areas of security.
You will work to help identify risk, perform assessments, achieve regulatory compliance, conduct internal audits, work with third party security providers and vendors, provide monthly reporting and more.
DUTIES AND RESPONSIBILITIES • Perform evaluation of internal operations, controls, communications, risk assessments and maintenance of documentation as related to regulatory compliance and recommend appropriate changes.
• Support the creation of a comprehensive risk management and regulatory oversight program, including specifications for product and service design aligned with the NIST framework.
• Provide clear direction to internal ECI teams on industry regulatory specifications applicable to their products and services.
• Build security documentation for customers and internal users, build management level metrics and reporting for activities that are owned by the Risk Manager.
• Coordinate industry and regulatory certifications, including managing certification vendors (e.
g.
, CMMC, ITAR, SOC2, ISO 27001, GDPR, etc.
).
• Daily, Weekly and Monthly operations verification and reporting across scheduled security activities such as, infrastructure penetration and vulnerability scans, patch management, Anti-virus and phishing reports, user access, etc.
• Daily monitoring and follow-up of security logs & alerts as needed.
• Support the organizations InfoSec and data privacy policies.
• Work with internal groups to conduct audits, assessments, vulnerability and penetration testing, leveraging third party partners to assist with these activities as needed.
• Respond to and record information security inquiries and incidents.
Recommend mitigation and remediation strategies.
• Participate in the evaluation and testing of new security tools and countermeasures.
• Participate in execution of vendor risk assessments.
• Championing security awareness training and social engineering campaigns • Other related duties may be assigned.
QUALIFICATIONS • Bachelor’s degree or 5+ years of experience in Information Security, Risk Management and Data Protection.
• Work within a framework to identify security gaps and mitigation recommendations.
• Experience with penetration and vulnerability testing techniques a plus.
• Able to help strategize methods of detecting/preventing threat actor tactics and techniques.
• Good understanding of security defense measures and mechanisms.
• Familiar with Incident Response concepts a plus.
• Fundamental technical understanding of key technologies such as operating systems, networks, application development, databases, virtualization, and cloud infrastructures • Substantial experience with policy frameworks and regulations such as CMMC, SOC2, ITAR, ISO 27001/27002, NIST, GDPR, etc.
• Experience with Risk Management in compliance and/or security context • Strong communication and organizational skills, outstanding attention to detail, and excellent problem-solving and follow-up skills • Must be able to participate in team meetings to support team Lead/Manager with stakeholder requirements, business needs to articulate technical processes and objectives.
• A commitment to further ECI’s culture and values and to providing extraordinary service.
• Prefer candidate to hold one or more of the following certifications: CISA, CISM, CISSP, CIPP This position will require access to information protected under U.
S.
export control laws and regulations, including the International Traffic in Arms Regulations (ITAR).
Please note that any offer for employment will be conditioned on any required authorization to receive software or technology controlled under these U.
S.
export control laws and regulations necessary to perform the responsibilities of the position.
#LI-REMOTE In addition to our competitive salary and award winning culture, we offer an excellent benefit package.
We even offer our employees a day off to serve their community! Our company core values are our “CODE”: Crave Greatness, Own the Outcome, Deliver Awesome and Embrace Community.
With divisions focused on manufacturing, wholesale/retail distribution, building and construction, and field service, ECI's solutions integrate into every aspect of a customers' business to help them level the playing field, run day-to-day operations more efficiently, and free them up to focus on what matters most.
It’s how business gets done.
Who is ECI? At ECI, our mission is to enable the entrepreneurial spirit of small and medium-sized business owners.
But ECI doesn’t simply deliver amazing software solutions; we also have an award-winning company culture.
• We offer competitive benefits focused on employee well-being, including paid volunteer time off! • We have been named by Achievers on its prestigious 50 Most Engaged Companies To Work For list for the last five years.
• We have received international recognition for our high levels of employee engagement through Certification as a Great Place to Work four years in a row.
• Our culture of creativity, innovation, and leadership has garnered over a dozen International Business Awards (Stevie®).
Come join a worldwide team with a strong culture of inclusion, professional development, and collaboration.
To apply for this position, please attach a detailed resume that demonstrates your qualifications and skill set pertaining to this position.
Applications without a resume will not be considered.
ECI delivers cloud-based business critical ERP, CRM and line of business applications to more than 20,000 customers across the globe.
The Information Security Analyst works as part of ECI’s Information Security team and will lead our cybersecurity assurance program.
The successful candidate will understand the security industry best practices and regulations as well as how to perform regular audits of ECI’s business procedures and processes to ensure security and compliance of systems we operate.
DESCRIPTION ECI is looking for an Information Security Analyst to work with our global Information Security Team to help expand and improve our cyber risk department.
At ECI, we understand that it takes an enormous effort and a lot of time to build customer trust in our products and services.
We work hard to earn and maintain that trust every single day by delivering products and experiences that really make a difference to the success of our customer’s business.
ECI’s Information Security Team, including this Security Analyst position, is critical to building and maintaining that trust.
Are you detail oriented? Do you communicate well in oral and written form? Can you collaborate with teams or individuals at all levels of a corporation? If so then this is a great job for you.
This position will capitalize on your current experience and security skill set while promoting and providing opportunities to expand your knowledge in many other areas of security.
You will work to help identify risk, perform assessments, achieve regulatory compliance, conduct internal audits, work with third party security providers and vendors, provide monthly reporting and more.
DUTIES AND RESPONSIBILITIES • Perform evaluation of internal operations, controls, communications, risk assessments and maintenance of documentation as related to regulatory compliance and recommend appropriate changes.
• Support the creation of a comprehensive risk management and regulatory oversight program, including specifications for product and service design aligned with the NIST framework.
• Provide clear direction to internal ECI teams on industry regulatory specifications applicable to their products and services.
• Build security documentation for customers and internal users, build management level metrics and reporting for activities that are owned by the Risk Manager.
• Coordinate industry and regulatory certifications, including managing certification vendors (e.
g.
, CMMC, ITAR, SOC2, ISO 27001, GDPR, etc.
).
• Daily, Weekly and Monthly operations verification and reporting across scheduled security activities such as, infrastructure penetration and vulnerability scans, patch management, Anti-virus and phishing reports, user access, etc.
• Daily monitoring and follow-up of security logs & alerts as needed.
• Support the organizations InfoSec and data privacy policies.
• Work with internal groups to conduct audits, assessments, vulnerability and penetration testing, leveraging third party partners to assist with these activities as needed.
• Respond to and record information security inquiries and incidents.
Recommend mitigation and remediation strategies.
• Participate in the evaluation and testing of new security tools and countermeasures.
• Participate in execution of vendor risk assessments.
• Championing security awareness training and social engineering campaigns • Other related duties may be assigned.
QUALIFICATIONS • Bachelor’s degree or 5+ years of experience in Information Security, Risk Management and Data Protection.
• Work within a framework to identify security gaps and mitigation recommendations.
• Experience with penetration and vulnerability testing techniques a plus.
• Able to help strategize methods of detecting/preventing threat actor tactics and techniques.
• Good understanding of security defense measures and mechanisms.
• Familiar with Incident Response concepts a plus.
• Fundamental technical understanding of key technologies such as operating systems, networks, application development, databases, virtualization, and cloud infrastructures • Substantial experience with policy frameworks and regulations such as CMMC, SOC2, ITAR, ISO 27001/27002, NIST, GDPR, etc.
• Experience with Risk Management in compliance and/or security context • Strong communication and organizational skills, outstanding attention to detail, and excellent problem-solving and follow-up skills • Must be able to participate in team meetings to support team Lead/Manager with stakeholder requirements, business needs to articulate technical processes and objectives.
• A commitment to further ECI’s culture and values and to providing extraordinary service.
• Prefer candidate to hold one or more of the following certifications: CISA, CISM, CISSP, CIPP This position will require access to information protected under U.
S.
export control laws and regulations, including the International Traffic in Arms Regulations (ITAR).
Please note that any offer for employment will be conditioned on any required authorization to receive software or technology controlled under these U.
S.
export control laws and regulations necessary to perform the responsibilities of the position.
#LI-REMOTE In addition to our competitive salary and award winning culture, we offer an excellent benefit package.
We even offer our employees a day off to serve their community! Our company core values are our “CODE”: Crave Greatness, Own the Outcome, Deliver Awesome and Embrace Community.
• Phone : NA
• Location : Charlotte,NC,USA, Charlotte, NC
• Post ID: 9022960966