Senior Security Analyst
Propio Language Services · Overland Park, KS · 2 mo ago
Information TechnologyFull-time
Key Responsibilities
- Data Security
- Develop and enforce data security standards for data classification, handling, retention, encryption, backup, and destruction.
- Oversee the implementation and validation of controls that protect data at rest, in transit, and in use across cloud platforms, endpoints, applications, and SaaS services.
- Conduct technical assessments to evaluate dataflow risks, exposure points, and adherence to regulatory or contractual requirements (HIPAA, PCI, GDPR, etc., as applicable).
- Work with engineering and IT teams to improve data loss prevention (DLP), access control, monitoring, logging, and detection capabilities.
- Support secure architecture reviews of new systems or integrations, with emphasis on data security requirements.
- Quantitative Risk Analysis
- Develop and perform quantitative cyber risk assessments using models such as FAIR to estimate loss exposure, probability of threat events, and financial impact across critical assets and business processes.
- Translate technical security metrics (e.g., control effectiveness, threat frequency, vulnerability data) into defensible, data-driven risk scenarios to inform decision-making and investment prioritization.
- Develop and maintain risk models, dashboards, and Monte Carlo simulations to track changes in risk posture over time and measure the ROI of security controls and initiatives.
- Contribute to the continuous evolution of security governance, metrics, dashboards, and reporting.
- Security Operations & Risk Management
- Participate in security incident response, particularly in incidents involving data exposure, system outages, or operational disruption.
- Support internal and external audits related to data protection.
- Provide risk mitigation recommendations, security requirements, and technical guidance to cross-functional teams.
- Maintain detailed, accurate documentation for policies, standards, runbooks, testing logs, and security assessments.
- Bachelor’s degree in Information Security, Information Technology, Computer Science, or related field; or equivalent experience.
- 10+ years of experience in information security or IT risk roles.
- Handson experience developing quantitative risk assessment programs.
- Strong knowledge of data security principles, including encryption, access management, secure configuration, logging/monitoring, and DLP.
- Familiarity with cloud environments (AWS or Azure) and their native resilience/security features.
- Experience supporting incident response and conducting post incident reviews.
- Working knowledge of security frameworks and standards such as NIST CSF, CIS, SOC 2, HITRUST, GDPR, and others.
- Excellent analytical skills with the ability to assess complex technical systems and articulate risks clearly.
- Strong communication and documentation abilities, with experience preparing reports for technical and executive audiences.
- Relevant certifications such as CISSP, CISM, CRISC, or CCSK.