Information Security Analyst

Our clients fight diseases, improve natural resource efficiency, create next generation electronics, and develop higher yield crops. Wellspring is the leading provider of software to manage R&D and innovation. Our clients include Fortune 500 companies, premier research universities, and leading medical institutions. Wellspring also operates Flintbox®, the largest online marketplace for inventions emerging from research labs around the world.

Reporting to the IT Operations Manager, the Information Security Analyst will combine their technical and analytical skills to provide project management and leadership on information security initiatives. We invite interested and qualified applicants to send a resume, brief introduction, and salary requirements to Michael Blanco via careers@wellspring.com.

Responsibilities:

  • Create, enforce and train employees on information security policies and related SOPs
  • Authorize and manage proper access to internal company resources
  • Review and complete vendor and client IT audit questionnaires, data agreements, and contracts
  • Act as first point of contract for external contacts regarding Information Security or Privacy
  • Execute internal reviews of information security and coordinate 3rd party assessments.
  • Assist in annual audits, including risk and compliance of our technical and client facing teams throughout the company
  • Recommend and coordinate the implementation information security related activities with the software teams.
  • Perform root cause analysis for information security related issues and related actions.

Requirements:

  • Excellent verbal and written communication skills with internal teams and external clients
  • Experience creating, documenting, and implementing internal processes and procedures
  • Experience with information security: federal computing standards, auditing, and pen testing
  • Knowledge of information security compliance and regulatory frameworks such as FedRAMP, ISO, SOC, NIST, GDPR, HIPAA
  • Knowledge of network and application architectures specifically around information security
  • Familiarity with intrusion detection systems, firewalls, log analysis tools, vulnerability scanning

Preferred:

  • Familiarity with federated authentication via SAML or other protocols
  • Familiarity with HTTP/HTTPS, SSL/TLS, TCP/IP and other common network protocols
  • Knowledge of hosting providers such as AWS, Azure, Google Cloud
  • Knowledge of account management, group management, RBAC via LDAP

Wellspring is an Equal Opportunity Employer.