Security Analyst

Who we are: BAL is a team of brilliant people who change lives through elite immigration work and collaborative innovation. We pursue the exceptional in all that we do, but never at the expense of our values. There’s no denying our work is demanding, both in volume and pace, but we’re up for the challenge. We love the balance of hard work and fun – so, you’ll see us in jeans as we shatter glass ceilings and conventional stereotypes. BAL employees feel valued, rewarded, and respected. We seek opportunities to be of service to others and our communities. We are committed to your growth and development, and want to set you up for success here at BAL and beyond.

Who you are: You are looking for work that has a purpose. You aren’t afraid to roll up your sleeves and get stuff done. You learn quickly. You move fast. You embrace challenge and detail as well as creative thinking. You believe you have something unique to contribute and you aren’t afraid to raise your hand. You understand that powering human achievement is ultimately about impacting a real person. You are looking for a place to grow and an environment where everyone has a spot and is genuinely welcome.

We’re better together: A bright, driven person like you and an industry-leading powerhouse like BAL? It’s a perfect combination! We truly want to see you succeed here and become an integral part of our mission to provide an experience that makes a positive difference in people’s lives. Come be a part of something special, where you can have an impact and be valued just for being you!

In addition to competitive pay, a discretionary annual bonus, and a supportive, team oriented culture, we offer an outstanding benefits package that includes medical, dental, vision, disability, and life insurance, sick time, unlimited vacation, and 401(k) with company match.

OVERVIEW:

The Security Analyst reports to the Senior Manager, Enterprise Security & Privacy and serves as a key team member in supporting the overall safety and security of BAL offices, systems and personnel. In addition to supporting Security Operations, Privacy and Compliance efforts, this position is responsible for reviewing, assessing, managing, and maintaining the overall physical security system and associated controls across all BAL offices. This role requires leadership, creativity and an entrepreneurial spirit in order to effectively communicate with and support our internal and external stakeholders.

PRIMARY RESPONSIBILITIES:

• Supports the ongoing management and improvement of the corporate Information Security Management System (ISMS) and Privacy Information Management System (PIMS) to maintain compliance with ISO standards 27001 and 27701
• Ongoing management, review, and maintenance of the BAL Physical Security Program and all relevant physical security controls across BAL offices.
• Serves as day-to-day lead for reviewing and responding to Physical Security, Security Operations and Privacy events (incident response)
• Monitors the performance of required ISO 27001 and 27701 control activities throughout the company
• Works with the SecOps team to review and escalate security operations alerts and vulnerabilities
• Assists in the support of the Third-Party Risk Management (TPRM) program, performing vendor reviews and risks analyses
• Performs required internal audits of IT, Security and Privacy controls and processes
• Monitors and documents key metrics in support of the ES&P team
• Owns and updates various reports and documentation supporting Physical Security, Security Operations, Compliance and Privacy
• Owns the Business Continuity program, including the coordination of plan updates and testing a minimum of once per year
• Conducts physical security and risk vulnerability inspections to evaluate effectives of controls and provide recommendations where applicable
• Owns the Floor Warden and Physical Security and Life Safety programs for all BAL offices (emergency response, evacuation drills, power outage procedures, etc)
• Oversees AED installation, monitoring and maintenance across all BAL offices as appropriate and applicable
• Ensures availability and maintenance of first aid kits and fire extinguishers for all BAL sites
• Implements and maintains access controls that limit the personnel allowed to enter BAL workspace including but not limited to activation of physical badges for BAL employees, creation and deletion of profiles, timely suspension of all badges missing or not returned, weekly review of RTO adherence, quarterly review of access badge records for all BAL sites, management of virtual receptionist
• Prepares all P&C requested reports for employee badge swiping
• Maintains of all physical doors, which have badged or other associated physical access controls
• Organizes and manages BAL physical keys to include controlled distribution as needed
• Provides overall project management support for any physical security or life safety related projects
• Assess, identify, recommend, and configure all physical security controls for all new BAL office locations

QUALIFICATIONS:

• Minimum of 2-3 years’ experience in managing physical security program(s), physical security controls, personnel safety, and overall secure management of corporate facilities.
• 2+ years’ experience with a background in information security, privacy, compliance, audit or risk a plus
• Knowledge of internal audit / audit principles a plus
• Knowledge of ISO standards 27001 and 27701 a plus
• CISA or other relevant certification a plus
• Bachelor’s degree in related field or equivalent experience.
• Foundational knowledge of facilities management and best practice physical security controls
• Experience in risk management methodologies to assess and address security and compliance risks
• Experience in designing and implementing physical security and life safety policies and procedures
• Strong interpersonal and communication skills including the ability to achieve goals through genuine influence, collaboration, and cooperation
• Ability to quickly adapt to new concepts / processes while maintaining performance levels within a dynamic and challenging environment
• Continuous learning and development through ongoing security research, networking and both formal and informal training
• Experience in effective communication of security-related details to both the technical and business stakeholders through verbal and written communication across all levels of the organization
• Ability to professionally interact with customers, colleagues and command members at all levels; and to foster positive business relationships
• Ability to diagnose, isolate, and resolve critical and complex physical security issues
• Ability to work independently and in a collaborative team environment
• Above average written, verbal, and interpersonal skills
• Is passionate about learning and is interested in security, privacy and compliance
• Not afraid to jump in and figure things out!

WORKING CONDITIONS:

• Able to sit and work at a computer keyboard for extended periods of time.
• Able to stoop, kneel, bend at the waist and reach on a daily basis.
• Able to perform general office administrative activities: copying, filing, delivering and using the telephone.
• Able to lift and move up to 25 pounds occasionally.
• Regular and on-time attendance.
• Must be able to prioritized, schedule and complete testing required for multiple applications with overlapping schedules.
• A certain degree of creativity and flexibility is required.
• Hours may exceed 40 hours per week.
• Occasional travel by conventional means including aircraft, motor vehicle and the like within the region and to other locations as required.

Note: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skill, and/or ability required and are not intended to be an exhaustive list of all duties, responsibilities or qualifications associated with this job.

Berry Appleman & Leiden is an Equal Opportunity Employer. It is the policy of BAL to ensure an equal employment opportunity without discrimination or harassment on the basis of race, color, national origin, religion, gender, gender identity or expression, age, disability, alienage or citizenship status, marital status, creed, genetic predisposition or carrier status, sexual orientation or any other characteristic protected by law. BAL prohibits and will not tolerate any such discrimination or harassment.

BAL does not accept unsolicited resumes from recruiters or employment agencies. BAL is under no obligation to pay any referral compensation or recruiter fee in the absence of a current executed Recruitment Services Agreement. In the event a recruiter or agency submits an unsolicited resume or candidate without an agreement, BAL reserves the right to pursue and hire said candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, shall be deemed the property of BAL. If your agency would like to be considered as a potential recruiting partner, please forward your contact information to Recruitment@BAL.com.