Sr. Information Security - 3rd Party Risk Analyst
- Alpharetta, Georgia
- Facility: RAMAPO RIDGE I.S. CENTER
- Job ID: 281145
- Zip Code: 30005
- Street Address: 340 MACARTHUR BLVD
CAPITAL LEAD Snapshot
- Diverse experiences as part of a global team
- Work with the latest technology
- Massive scale of projects
- Unlimited opportunities to grow
The Resources To Innovate
With our commitment to making a significant investment in technology initiatives each year, the scale of technology at UPS allows you to dream big and realize bigger.
Today, ORION can solve an individual route in seconds and is constantly running in the background evaluating routes before drivers can even leave the facility. This level of route evaluation conducted through the ORION program requires extensive hardware and architectural provisions. Running on a bank of servers in Mahwah, New Jersey, ORION is constantly evaluating the best way for a route to run based on real-time information. While most of America is sleeping, ORION is solving tens of thousands of route optimizations per minute.
UPS has launched a beta version of a chatbot, an artificial intelligence-enabled platform that mimics human conversation to help users easily find UPS’ locations, get shipping rates and track packages. Elements of artificial intelligence are becoming a bigger part of various UPS technologies. For example, our new virtual assistant on UPS.com uses natural language understanding to help customers track packages. The assistant becomes skilled at its tasks as more people ask it questions.
Our focus is on real-world applications that benefit our customers. Drones offer a great solution to deliver to hard-to-reach locations in urgent situations where other modes of transportation are not readily available. Innovation through automation and robotics has long been a focus for the world’s largest package delivery company. In fact, UPS has been testing drones in warehouses to check high storage racks to confirm stock or available space. We’re also exploring the use of drones to deliver humanitarian aid in hard-to-reach parts of the world.
UPS Access points
UPS Access Point locations are convenient places—such as The UPS Store®, neighborhood grocery stores, or other local businesses— that offer easy package drop-off and pickup. Our technology links Access Points into our network with information entered through UPS Mobile, My Choice and ORION software used by our drivers.
With over 8,100 UPS Access Point locations in the U.S., UPS now offers approximately 67 percent of consumers an alternative to home delivery within 3 miles of their residence. Our network of interconnected apps gives our customer maximum visibility and control over where and when they receive their packages.
UPS My Choice
UPS My Choice Members and Premium Members, receive delivery alerts for all eligible home deliveries. For those times when customers won't be home to greet their UPS driver, they can reschedule, redirect, or have their packages delivered The UPS Store® or to a UPS Access Point location.
Our technology allows for changes made on deliveries to be quick and convenient. Nearly 24 million U.S. consumers already use My Choice to plan their deliveries.
The UPS Mobile app allows users to track, ship, get a quote, or find a location. It is a one-stop app for any information a customer might need on their delivery. With a simple yet robust interface and My Choice integration, it serves as a convenient way to get the information they need, whenever or wherever they may need it. UPS Mobile is has been developed for both iOS and Android platforms.
EVERYTHING YOU NEED TO SUCCEED
From cloud technology to network planning tools, telematics to encryption, we’re empowering our IT team with the latest tools to serve customers and drive our organization forward.
THERE’S NO STOPPING YOU
No matter where you start at UPS, you’ll be encouraged to learn new skills and follow your interests. Find out more about how you can grow through in-house training, our online learning center, or education assistance for accredited degree programs.Learn More about UPS training
STUDENTS & GRADS
We offer summer internships to students in a wide variety of degree programs. Discover mentoring and learning opportunities that will put your career on the right track. And you can even extend your summer internship into a year-round co-op experience or a full-time role. Find out more about our opportunities for students and recent grads.Learn More about opportunities for Students and Graduates
Learn more about our locations to see where you can make tech breakthroughs.Learn More about UPS locations
GO ABOVE AND BEYOND
See how UPSers are doing more–including innovating in the skies to deliver lifesaving medicines.
Get More From Your Benefits
Medical, dental, vision, and more
Career growth & mobility
The benefits and compensation information provided on this website are for informational purposes only. Not every product or service is available or applicable to every employee and the availability of a product or service is subject to change. UPS reserves the right to alter or delete the information provided as required by UPS’ business needs.
Sr. Information Security - 3rd Party Risk Analyst
- Alpharetta, Georgia
Sr. Information Security Analyst
We’re the obstacle overcomers, the problem get-arounders. From figuring it out to getting it done… our innovative culture demands “yes and how!” We are UPS. We are the United Problem Solvers.
About Information Security at UPS Technology:
Our top-notch Information Security team quickly finds and responds to real time threats. These critical-thinkers have a hunger to keep ahead of new exploits and security trends. As a part of UPS InfoSec, you’ll continue to uphold our reputation for integrity in this growing and ever-changing field.
About this role:
The Sr. Information Security Analyst identifies, investigates, analyzes, and remediates information security events to ensure enterprise integrity against technical and physical risks. He/She conducts quality management reviews to evaluate the effectiveness of security controls. This position reports on the controls effectiveness for mitigating exposure to identified risks. He/She communicates security issues and control gaps through security governance processes. This position implements and integrates risk management procedures across the enterprise. He/She participates in the development and maintenance of business continuity planning, data, systems, and network security for systems & controls related to their job duties.
The Sr. Information Security Analyst will assist in supporting UPSs’ Risk Management program. He/She will conduct information security assessments and/or compliance reviews on internal UPS systems and third party vendors. The Sr. Analyst will prepare and initiate assessments/audits facilitated by electronic survey's and questionnaire assessments, interviews and security control reviews. He/She will provide support for internal and external security assessments, including gathering and discussing evidence, and tracking remediation responses and activities.
The Sr. Information Security Analyst is expected to perform the following key tasks:
- Identifies key points of contact, establish communication channel. Collaborates with functional teams on cyber risks and company information security initiatives
- Initiates security assessment/audit overview meetings and schedule Q&A sessions
- Performs security risk assessments and provides information security awareness
- Conducts internal security and confidential information investigations and information usage security audits
- Leads and supports enterprise wide information security and cyber risk assessments with technical and non-technical teams
- Manages assessment/audit time line for questionnaire, interview, evidence verification, and report preparation
- Proactively identifies and develops recommendations to information security and cyber risk issues and vulnerabilities by working with multiple teams including privacy, compliance, internal audit, legal, HR, information technology, etc.
- Contributes to the development of the information security requirements of vendor and customer security control requirements to ensure UPS's information assets are protected, and follow UPS policies, standards and compliance obligations
- Ensures all Infosec controls meet company standards for confidentiality, integrity, availability and defense in depth security principles
- Provides security control remediation responses where Infosec controls are found to be deficient or non-compliant
- Responds to UPS customer inquiries and audits of UPS's security program
- Reviews and negotiates InfoSec contractual terms in vendor/customer contracts
- Develops and maintains relevant security risk metrics to promote transparency across the organization
- Measures, monitors and reports on information security risks to Sr. Management
- Performs other duties as assigned
- Experience gathering information from a range of different sources, developing and creating search queries
- Experience in using InfoSec assessment/audit tools and/or controls questionnaires based industry standard frameworks (i.e. NIST; ISO; Cobit; CSA)
- Experience with regulatory requirements (i.e. PCI; GDPR; HIPPA; Privacy; NYDFS; etc)
- Experience using GRC tools and technologies in support of the assessment/audit process
- Advanced experience with Auditing Controls, I.T. Auditing fundamentals, Cybersecurity Analysis and documentation
- Demonstrated experience across information security and cyber risk domains required
- Candidate must have excellent organization skills and be a self-motivated learner
- CISA, CRISC, CISM, or CISSP certifications (one or more) required
- Bachelor's degree in Information Technology, Information Security, Computer Science, Auditing or equivalent
- Demonstrated advanced verbal and written communication skills
- Excellent organization skills and be a self-motivated learner
This position offers an exceptional opportunity to work for a Fortune 50 industry leader. If you are selected, you will join our dynamic technology team in making a difference to our business and customers. Do you think you have what it takes? Prove it! At UPS, ambition knows no time zone.
- Must be a U.S. Citizen or National of the U.S., an alien lawfully admitted for permanent residence, or an alien authorized to work in the U.S. for this employer
- Now or in the future UPS employment sponsorship, such as H1B, TN, J-1, F-1, etc., is not needed in order to start or continue temporary or permanent employment with UPS
- One or more InfoSec certifications required: CISA / CRISC / CISSP / CISM
- 3 or more year of experience working directly in or indirectly with the Information Security department on projects, assignments, or risk assessments
UPS is an equal opportunity employer. UPS does not discriminate on the basis of race/color/religion/sex/national origin/veteran/disability/age/sexual orientation/gender identity or any other characteristic protected by law.
UPS is an equal opportunity employer. UPS does not discriminate on the basis of race/color/religion/sex/national origin/veteran/disability/age/sexual orientation/gender identity or any other characteristic protected by law