ARI, part of the Holman Automotive Group and headquartered in Mt. Laurel, N.J., is a billion-dollar global vehicle fleet leasing and management company that prides itself on providing exceptional service. A recognized leader in the industry and the largest fleet management company in North America. Ranked #27 on FORTUNE magazine’s 100 “Best Places to Work” and #17 on Computerworld’s Best Places to Work in IT. ARI has more than 65 years of experience offering its employees a place where their careers and personal development can thrive.
ARI has an outstanding opportunity for an Information Security Analyst.
Job Purpose: Provides operational security services and direct support of information security practices across ARI’s global environment. This role involves partnering with both technology and business areas to develop, implement, maintain, and adapt data security practices as called for to protect the business.
- Performs vulnerability assessments and reviews facilitating, remediation planning, tracking exposures and reporting on treatments through mitigation, remediation and closure.
- Assists with developing and performing security control assessments for common platforms and services (servers, desktops, virtual environments, networks, databases, etc.)
- Participates in incident response, assessing threats, quantifying impacts, prioritizing, coordinating, and performing response activities, documenting incidents and reporting on security events and incidents.
- Assists the IT Infrastructure teams in the management and configuration of security implementations such as IPS/IDS, Proxy, Endpoint Technologies, and Mail Controls.
- Maintains awareness of new Tactics, Techniques, and Procedures via reporting from threat intelligence sharing organizations (US-CERT, FS-ISAC, etc.).
- Investigates user reported threats such as phishing or malware infections.
- Monitors and evaluates security events using Security Event & Incident Monitoring tools.
- Provides administration and care of the Security Event & Incident Monitoring platform, ensuring audit trails, system logs and other monitoring data sources are reviewed and actionable.
- Performs application security and project reviews, working with third party assessors, business members, technical staff and application owners to identify and control exposures.
- Monitors and promotes compliance with information security practices and policies, reporting violations to Management.
- Advises management on best practices, data security innovation, current trends, and industry developments.
- Assists with developing and proposing changes to policies and procedures
- Participates in project and vendor reviews as a technical resource.
Knowledge and Skill:
- A motivated self-starter that is able to work independently and in a team environment.
- Strong verbal and written communication skills with the ability to communicate security issues to both a technical and non-technical audiences.
- Ability to develop and maintain strong relationships at all levels within the company.
- Experience with vulnerability management tools and processes.
- Experience with infrastructure and application security controls.
- Familiarity with common data assurance, information security and cyber security frameworks is a plus.
- Experience with Microsoft Windows & Linux security practices preferred.
- Experience with Python, Microsoft PowerShell or other languages is a plus
- Bachelor’s degree in Computer Science, Information Systems or other related field.
- Professional Certifications such as CISSP/GIAC/CISA/CISM is a plus.
- 3-7 years of combined Information Security and Technical Administration experience.