Information Security Analyst

COUNTRY Financial serves about one million households and businesses throughout the United States. It offers a full range of financial products and services from auto, home and life insurance to retirement planning services, investment management and annuities.

At COUNTRY Financial, our Governance, Risk and Compliance team has an open position for an Information Security Analyst. This position will help safeguard the organization’s information through the performance of risk assessments, influence on policy and standards and contribution to security awareness. In this role your skills, experience and knowledge of information security will help the organization ensure vendors, applications and organizational changes occur within the boundaries of the organization’s risk tolerance.

This role participate in projects and assessments as a security consultant or advisor on risk. Researches general and industry specific security trends. Analyzes, defines security policies and information security standards. Provides detail to project teams regarding security requirements. Creates and presents risk reports, policies, results and deliverables. * Participates in projects and assessments on risk determination. * Ability to identify, quantify and communicate risk to customers with a wide variety of backgrounds (technical and business). * Solid understanding of regulations/security standards such as GLBA, PCI, HIPAA, FFIEC. * Knowledge of industry standard Risk Assessment approaches such as NIST 800-30. * Comprehensive understanding of Technical, Administrative and Physical controls to safeguard information security. * Ability to drive assessments through interviews and relationships to understand and quantify appropriate risks. * Possesses a holistic view of an Information Security Program and the role of key components to ensure protection of information. * Experience in interpreting, authoring and analyzing security policies and standards. * Experience influencing and participating in building and administering security awareness in an organization.

**Experience Required:** * Bachelor's degree and at least 5 years of experience in information technology OR, * Master's degree and at least 3 years of experience in information technology OR, * At least 7 years of experience in information technology. **Additional Requirements:** * Industry relevant certifications such as CISSP, CRISC, CISA, CGEIT, Security +. * Effective communication skills enabling the ability to communicate complex information to various audiences both verbally and in writing. * Ability to establish trust with partners through demonstration of knowledge and commitment to security. * Understanding of the role of the Information security Program in the securing of an organization’s. * Strong knowledge and understanding of the role of technical, administrative and physical controls in securing information * Confidence to recommend changes and improvements to the security program. * Ability to manage multiple projects and engagements simultaneously.