Senior IT Security Analyst
Merkle is a leading data-driven, technology-enabled, global performance marketing agency that specializes in the delivery of unique, personalized customer experiences across platforms and devices. For more than 30 years, Fortune 1000 companies and leading nonprofit organizations have partnered with Merkle to maximize the value of their customer portfolios. The agency’s heritage in data, technology, and analytics forms the foundation for its unmatched skills in understanding consumer insights that drive people-based marketing strategies. Its combined strengths in performance media, customer experience, customer relationship management, loyalty, and enterprise marketing technology drive improved marketing results and competitive advantage. With 9,600+ employees, Merkle is headquartered in Columbia, Maryland, with 50+ additional offices throughout the US, EMEA, and APAC. In 2016, the agency joined the Dentsu Aegis Network. For more information, contact Merkle at 1-877-9-Merkle or visit www.merkleinc.com.
The IT Security - Senior Analyst role will report to the Line of Business CISO. The role will work with a team of geographically distributed Merkle staff and contract employees. This role will support a broad range of security and risk disciplines including IT risk analysis, certifications (SOC I SOC II, PCI-DSS), internal audit, compliance, security controls (physical and logical), information security, and business continuity/disaster recovery (BC/DR). The IT Security – Senior Analyst candidates will demonstrate the ability to thrive in a fast-paced, dynamic environment, work independently, assess incidents/requests, and apply the correct level of urgency to achieve a mutually accepted solution, while providing exemplary customer service in support of Merkle’s information Technology vision. The IT Security – Senior Analyst shall have demonstrated previous experience with information security compliance or technical disciplines and have a strong drive to learn and grow their skill set.
Essential Tasks and Responsibilities:
- Due to the nature of this role candidates must be US citizens and live within the US
- Must have extensive experience supporting PCI-DSS certifications and audits
- Lead audits of IT systems and/or related operational process controls against established Merkle criteria, including analysis and reporting
- Working knowledge of HIPAA controls
- Effectively engage with external client audit staff to minimize high risk findings and exposure to Merkle by using sound judgment and discretion
- Execute dentsu IT processes (e.g. incident management, problem management, change management, emergency response and physical/logical security)
- Assist with development and lifecycle of policy, procedures, and processes
- Assist with incident management and disaster recovery operations
- Show an appropriate sense of urgency to respond to requests and queries
- Stay current with existing and emerging IT Risk management standards and practices
- Ensure that controls designed to ensure security and availability of the Merkle and client information technology environment are adhered to
- As the department and function evolves, remain flexible and participate in other duties as identified and assigned
- Assist with Platform BC/DR testing facilitation and maintenance projects
- Demonstrate support for the Merkle IT Guiding Principles
- Uphold and promote Merkle’s core values and culture
Measures of Success:
- Consistently complete assigned internal and external audits within agreed-to scopes and timeframes
- Consistently deliver reports and associated tasks, meeting or exceeding customer expectations on-time/budget
- Effectively manage day to day activities, and meet deadlines
- Exercise the appropriate degree of follow up with stakeholders and task owners
- Effectively lead more junior members of the team
- Demonstrate the ability to work as part of a team and share knowledge with team members.
- Must be a US Citizen living within the United States
- Strong background in PCI-DSS
- Working knowledge of HIPAA Controls
- Working knowledge of Information Security concepts including malware prevention; social engineering; emerging threats; attack vectors and vulnerability management
- Working knowledge of IT practices/infrastructure/systems and how IT delivers services
- Working knowledge of end user productivity and collaboration tools including Microsoft Office, Skype for Business and SharePoint
- Ability to maintain focus through conflict and challenging situations with positive outcomes for Merkle and its clients
- Possess effective presentation skills and the ability to convey IT risk concepts clearly and accurately
- Self-starter and the ability to work independently
- Ability to multi-task and prioritize workloads and adapt to changing business conditions
- Proven analytical, critical thinking, and problem-solving skills
- Excellent collaboration and verbal and written communication skills
Education and Experience:
- 2-4 years of IT Security, Risk, Audit, or information system experience in a dynamic enterprise IT environment
- Experience working with security and/or audit frameworks
- Experience performing IT audits and analyzing risk using industry accepted methodologies highly desired
- Experience planning, facilitating and assessing the success of BC/DR testing
- Knowledge of AWS and Azure Cloud are a plus
- CISA and CISSP Certifications are a plus
At Merkle, we believe that a diverse environment improves us as a community and as a business. We want to foster an environment of growth, where all ideas and contributions are encouraged. We need this culture of courage to continue to thrive in our fast-paced industry. We embrace differences of opinion. We value diversity of experience and thought, which help us to challenge and define industry-leading solutions, and support our goal of being a great place to work.
Merkle fosters a diverse environment that encourages original thinking about our business and empowers us to communicate with a global world of customers. We embrace differences of opinion and diversity of thought as they help us challenge and refine our solutions. Merkle, as a best-in-class marketing agency, welcomes big ideas, and believes they can come from anywhere.
All your information will be kept confidential according to EEO guidelines.