Search Available Jobs

Information Security Analyst, GRC in Heredia at TradeStation

Date Posted: 9/19/2023

Job Snapshot

Job Description

Who We Are:
TradeStation is an online brokerage firm seeking to level the playing field for self-directed investors and traders, empowering them to claim their individual financial edge. At TradeStation, we're continuously pushing the boundaries of what's possible, encouraging out-of-the-box thinking and a relentless search for innovation. 

What We Are Looking For:
The Information Security Analyst is responsible for supporting the Governance Risk & Compliance (GRC) Security Team in ensuring the protection of the company’s assets from unauthorized access. This includes performing periodic access reviews and assessments, communicating with application owners and managers, gathering information, and creating metrics. The Security Analyst is also responsible for developing, reviewing, and updating security and IT general controls.

What You'll Be Doing:
  • Work with the Information Security team to improve the protection of information for the company
  • Perform periodic security control assessments and reviews in accordance with security plans
  • Design and implement automation to enhance IT Controls or manual processes using scripting languages such as Python, Javascript, and PowerShell
  • Review, update and develop required security documentation, including Information Security policies and standards
  • Perform security testing including review, analysis, and validation of findings, and tracking these to remediation
  • Develop and compile metrics, dashboards, and analytics for executive-level audiences, using SQL and/or reporting tools (Excel data function, Excel pivot table, PowerBI)
  • Stay current on IT compliance trends and news related to security (NIST, Cobit, PCI, SOX, GDPR…) and make recommendations to the security team
  • Maintain and enhance existing scripts, bringing new automation solutions to the Security team
  • Assist with configuring, installing, and administering security tools and systems. Conduct continuous health monitoring of security tooling and control implementations
  • Support project assignments with strong and effective communication, time management and collaboration skills
  • Assist with other security-related initiatives as they arise
The Skills You Bring:
  • Self-driven, organized, and detail-oriented with an ownership attitude
  • Excellent English verbal and written communication skills
  • Able to effectively interact with all levels of the organization
  • Strong analytical, problem-solving, and troubleshooting skills
  • Able to multitask and prioritize work in a quickly changing business environment
  • Knowledge or experience developing documentation and conducting access control reviews
  • Understanding of security best practices and compliance requirements (PCI, SOX, GDPR)
  • Solid understanding of security concepts such as Segregation of Duties, Data Classification, or Least Privilege
  • Demonstrated personal initiative in maintaining a continuous level of professional knowledge in areas of technology, security, and risk management
  • Experience with Microsoft Office products, especially familiar with Excel and its functions (TRIM, VLOOKUP, and other data functions), Word, PowerPoint and PowerBI
  • Experience with programming and scripting languages (Python, Javascript, Powershell, C#)
  • Desire to learn new security technologies and practices
  • Knowledge or experience with SQL and reporting tool(s) is a plus
  • Excellent skills with Microsoft Office and Atlassian tools (Jira and Confluence)
  • Understanding SDLC and any Oriented Object Programming language helpful
  • Experience as a software developer and/or Quality assurance tester is a plus
  • Knowledge or experience with Microsoft Azure and Amazon Web Services environments is a plus
Minimum Qualifications:
  • Must be in Costa Rica and able to work core US Eastern Time hours
  • Bachelor's Degree in Computer Science/Information Technology/Information Security or equivalent work experience required
  • Minimum of 3 years of Information Technology and/or Information Security work experience is required
Desired Qualifications:
  • An acknowledged industry security certification such as Security+, or CySA+ is a plus
  • AWS, Azure certification(s) are a plus
  • Knowledge of the Cryptocurrency environment is a plus
  • Demonstrated progression toward security career goals and willing to pursue relevant professional designations (ex. CISA, CISM, CISSP)
What We Offer:
  • Collaborative work environment
  • Competitive Salaries
  • Yearly bonus
  • Comprehensive benefits for you and your family starting Day 1
  • Unlimited Paid Time Off
  • Flexible working environment
  • TradeStation Account employee benefits, as well as full access to trading education materials