The Senior Information Technology Security Analyst will be responsible for all aspects of Information Technology Security within Hershey Entertainment & Resorts (HE&R). This person will ensure the secure operation of the HE&R Information Technology systems, servers and network infrastructure. This person will also be responsible for the maintenance and enforcement of the Information Technology Security Policies and Procedures, performing risk assessments and ensuring the disaster recovery policies and procedures are maintained. The Senior Information Technology Security Analyst will oversee the various Audit requests and Risk Assessment that are performed within Information Technology and operations each year. This position will ensure that PCI compliance is maintained and work with the security technology in place along with vendors to achieve this.
Oversight of the PCI, HIPPA, and other compliance mandates. This requires an ISA Certification which gives the authority to facilitate the Self Certification process with PCI.
Facilitation of a HE&R security program that follows a framework where the Risk is Identified, the remediation steps, and the frequency is outlined. This will require working with Information Technology and Departmental staff to review system audits, make recommendations to enhance controls, and provide direction for the security program.
Oversight of the Security Technology within HE&R. This includes working with software vendors to ensure our direction aligns with industry standards and direction. Some of the technology used is Anti-Virus, IDS, IPS, Log Event Management Incident response, CCURE physical security access control systems, Computrace, Data Leakage Protection software, Messaging Security, and other industry leading technology.
Working with Corporate Security to ensure that the technology is supported. This would include Incident Management software support, access control system support and knowledge of camera technology.
Oversight of Incident Response for the company. This includes real-time response on event logs throughout the organization, Disaster Recovery testing and documentation, and facilitation of table top exercises on a regular basis to test the documented processes.
Minimum of 5 years of related experience working in Information Technology, preferably within the Information Security field.
Bachelor’s degree, preferably in an Information Technology, Information Security or Business related function. A minimum of ten (10) years related work experience can be substituted if no degree is obtained.
Must have a valid driver’s license.
Information Security Certification highly preferred – CISSP, CISM
Strong knowledge of Internet and network security technologies such as: TCP/IP, firewalls, Anti-Virus, SIEM, Web Proxy, VPN, Encryption technologies, server configuration, and application security.
Strong knowledge of third-party security or audit tools
Strong familiarity with Information Security frameworks, guidelines and standards such as NIST, ISO, FFIEC, PCI, GLBA, etc.
Excellent verbal, written and interpersonal communication skills
Proven ability to work independently and as part of a team
Proven customer support skills
Strong problem solving and decision making skills
Team Lead experience helpful
Physical Demands & Working Conditions:
The work schedule for this position will include normal business hours between Monday-Friday (8AM-5PM). Additional evening/weekend hours may be required based on operational need.
Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.
Hershey Entertainment & Resorts is an Equal Opportunity Employer
Additional Salary Information: Competitive salary based on market and individual experience
Welcome to Hershey Entertainment & Resorts Company (HE&R), a world-class entertainment & hospitality company. With such properties as Hersheypark, The Hotel Hershey, Hershey Bears hockey team, Hershey Lodge, and numerous restaurants, it's no wonder Hershey is called The Sweetest Place On Earth. It's also no wonder we are a sought-after employer where our team members have fun and get to work in hi...storic settings with the smell of chocolate in the air. Our core culture of team-focused and service-oriented is paramount as employees greatly impact the success of the organization. We are a community-minded, family-focused organization that strives to deliver memorable experiences to guests and employees alike. With a robust Training & Development program, enviable perks and 'sweet' working environments, we invite you to visit www.HersheyJobs.com to apply for a position with us!
HE&R is a privately held company founded in 1927 when our founder, Milton S. Hershey, separated his chocolate manufacturing operations from his other businesses. Our nearly 1,600 full-time and more than 6,200 seasonal/part-time employees share a common goal of upholding the legacy of our founder while striving to live by our company's Core Values: Devoted to the Legacy, Selfless Spirit of Service, Team Focused, and Respectful of Others.
OUR CORE PURPOSE:
HE&R is proud to help fulfill the dream of our founder, Milton S. Hershey, by providing value to Milton Hershey School, the largest home and school in the world, as it continues to provide opportunities for children in need.
Recent updateSee all
Image accompanying recent update
Hershey Entertainment & Resorts: Who We Are
59 Likes 3 Comments 10mo
Hospitality, Recreation, Leisure, Culinary, Finance, Marketing, and Human Resources