This job might no longer be available.
Information Security Analyst
2 years ago
*remote positions available in CA, CO, FL, GA, MA, NH, TX, UT, VA, WA only
Position Intro
Tilia Inc. is a wholly-owned subsidiary of Linden Research, Inc., and a licensed money transmitter in the U.S. Tilia Pay enables publishers of video games and virtual worlds to create in-world economies and monetize user interaction. Built from the ground up to be robust, flexible, and secure, Tilia Pay powers virtual economies of leading and cutting edge publishers with hundreds of millions of dollars in circulation.
Linden Research, Inc. dba Linden Lab develops platforms that empower people to create, share, and benefit from virtual experiences. Founded in 1999, the company first launched Second Life, the groundbreaking virtual world enjoyed by millions around the globe, in 2003, which has since gone on to boast nearly two billion user creations and a vibrant $500 million (USD) economy.
Primary Functions
As an Information Security Analyst you will work with engineering, product, legal and compliance teams to help provide a secure customer experience and to develop and enhance security solutions for Tilia Pay, and for Second Life, Linden Lab’s flagship virtual world.
Responsibilities
Security impact assessments
- coordinate engineering team assessments of tools, applications, systems and infrastructures to ensure compliance with regulations and security best practices, and that established baselines are maintained,
- assist with the design and execution of vulnerability assessments on applications, system designs and infrastructure, and security compliance assessments,
Security reporting and response monitoring
- Python automation for frequent security reporting activities
- monitor information security alerts and review technical team responses to ensure teams adequately respond, triage, and escalate as needed. Alerts include logs from firewalls, IDS, OS, Antivirus, databases, web application firewalls, and AWS CloudTrail.
- audit the AWS and enterprise system environments and provide actionable information pertaining to risk discovery and recommend event alerts and summary reports
- coordinate and assist with evidence collection for external audits and exams
- develop and report key security metrics
Other duties as assigned (not limited to:)
- manage Organizational Units in Google Suite and manage security policies
- perform cross platform audits of objects and user permissions, for internal systems and vendor sites
- coordinate third-party risk assessments and annual vendor reviews
- track employee security and privacy training
- employee phishing simulations
- promote security awareness and practices throughout the company and provide support and guidance to employees with security questions and concerns,
- completion of AWS Certified Security Specialty certification will be an early requirement for this position; training will be provided by Tilia Inc
Knowledge, Skills, Abilities
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Deep networking knowledge in office, data center, and public contexts
- Ability to identify and document AWS security issues
- Ability to create Python scripts to enhance monitoring and automate common tasks
- Excellent written and verbal communication skills
- Ability to multi-task in a fast-paced, changing environment
- Have excellent organizational, analytical, and problem-solving skills
- Willingness to learn and apply new skills
- Strong interpersonal, oral and written communication skills and ability to advise IT system architects and technical project teams
- Self-driven education to stay abreast of security developments and threats
- Detail-focused, adherent to procedures
Education
- Bachelor’s degree or 4 years industry experience
- IT Networking and Security certifications (e.g., Network+, Security+, CySA+, CISSP) are a plus
- Foundational Amazon Web Services knowledge
Experience
- 2-5 years’ experience in the data security principles needed to monitor security controls and oversee data security practices
- Experience with integrating security and security monitoring into development lifecycles and providing advice on secure product design
- Good understanding of hacking techniques and defensive countermeasures
- Basic proficiency in Python programming language with examples of work
- Strong Linux fundamentals required
- Experience with Vulnerability Assessment frameworks
- Understanding of NIST, DISA, STIG, or CIS frameworks and security best practices
Create Your Profile — Game companies can contact you with their relevant job openings.