Hershey Entertainment & Resorts is currently seeking an IT Security Analyst to join the IT Department. The Information Technology Security Analyst will be responsible for all aspects of information technology security within the organization. This person will ensure the secure operation of the organization's Information Technology systems, servers and network infrastructure. This person will also be responsible for the maintenance and enforcement of the Information Technology security policies and procedures, performing risk assessments and ensuring the disaster recovery policies and procedures are maintained. This role will also oversee the various Audit requests and Risk Assessment that are performed within Information Technology and operations each year. This position will ensure that PCI compliance is maintained and work with the security technology in place along with vendors to achieve this. This position will report directly to the Manager of IT Security.
? Oversight of the Payment Card Industry Data Security Standard (PCI), HIPPA, and other compliance mandates. ? Facilitation of a HE&R security program that follows a framework where the risk is identified, the remediation steps, and the frequency is outlined. ? Oversight of the Security Technology within HE&R. This includes working with software vendors to ensure our direction aligns with industry standards and direction. Some of the technology used is Anti-Virus, IDS, IPS, Log Event Management Incident response, CCURE physical security access control systems, Computrace, Data Leakage Protection software, Messaging Security, and other industry leading technology. ? Working with Corporate Security to ensure that the technology is supported. This would include Incident Management software support, access control system support and knowledge of camera technology. ? Oversight of Incident Response for the company. This includes real-time response on event logs throughout the organization, Disaster Recovery testing and documentation, and facilitation of table top exercises on a regular basis to test the documented processes.
? Bachelor's degree + three (3) years of related experience in the information technology field OR Associates + five (5) years of related experience. If no degree, relevant work experience can be substituted for education - 8 years. ? Will be required to take & pass the ISA Certification within the first 12 months of employment.
? Broad knowledge of server, desktop, email, and security environments, including Microsoft Windows Server and Workstation environments, Lotus Domino, Anti-Spam and Anti-Spyware techniques, and other industry-standard techniques and practices. ? High level of analytical and problem-solving abilities ? Ability to manage multiple projects and multiple deadlines in an organized fashion ? Must have good interpersonal and relationship building skills. ? Professional image representative of company image & core values: Selfless Spirit of Service, Respectful of Others, Team Focused & Devoted to the Legacy.
Physical Demands & Working Conditions:
? While performing the duties of this job, the employee is required to: - Hand/Eye Coordination Occasional ( - Sitting Occasional ( ? This job requires the visual ability to perform detailed work at close distances (computer screens, accounting ledgers, using measurement devices). ? This job regularly requires verbal communication of detailed information to others either by phone or in person.
Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.
Hershey Entertainment & Resorts is an Equal Opportunity Employer