Before you apply to a job, select your language preference from the options available at the top right of this page.

Explore your next opportunity at a Fortune Global 500 organization. Envision innovative possibilities, experience our rewarding culture, and work with talented teams that help you become better every day. We know what it takes to lead UPS into tomorrow—people with a unique combination of skill + passion. If you have the qualities and drive to lead yourself or teams, there are roles ready to cultivate your skills and take you to the next level.

Job Description:

We’re the obstacle overcomers, the problem get-arounders. From figuring it out to getting it done… our innovative culture demands “yes and how!” We are UPS. We are the United Problem Solvers.

About this role:

The Information Security Analyst performs the role of trusted advisor with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness. He/She interfaces with IT and business colleagues, and auditors, articulating control implementation and impact, and establishing considerations for maintaining and applying security and compliance concepts to varied technical environments (On premise, cloud). He/She performs a broad range of complex analytical and technical work activities to identify, investigate and assess the information security capabilities of Information Security Programs and IT Systems. This position determines the effectiveness of information security controls, identifies risks and control gaps, process improvements, and solutions through the security governance process. He/she effectively communicates compliance activity results, remediation, and reporting, to a broad audience including peers and senior leaders. He/She contributes to metrics, visibility dashboards for reporting on Governance, Risk and Compliance (GRC) program statuses of IT security and IT regulatory compliance postures. He/She maintains current knowledge of developing technologies and applications. The Information Security Analyst reports to the Information Security Manager in the Information Security Governance, Risk and Compliance (GRC) group.

Job Duties and Responsibilities:

Assesses Risks and Manages Information Security Controls

Assesses risks to I.T. systems’ availability, integrity, and confidentiality to ensure security and service continuity. Provides guidance for information assurance strategies to manage identified risks. Performs or participates in security risk assessments, business impact analyses, and application accreditation assessments to maintain compliance of information systems and to support the achievement of business. Identifies industry best practices, standards, methods, tools, and applications to optimize UPS’s business risk management. Analyzes security audit findings and recommends changes to improve the adequacy and effectiveness of security policies, best practices, procedures, and the security control environment. Evaluates and recommends corrective action plans to meet regulatory compliance frameworks such as Payment Card Industry (PCI) and Sarbanes Oxley (SOX).

Interfaces with Colleagues, Stakeholders, and Team Leader

Communicates identified areas for process improvements and solutions. Develops and presents technical and business solutions to facilitate process improvements.

Contribute to Information Security Projects

Assists in the development of project plans to estimate resources, plan schedules, define goals, establish metrics, assess risks, and develop cost plans and to provide stakeholder reports. Provides status communications for senior management on issues, concerns, and risks to recommend solutions and to ensure products meet customers' needs. Balances multiple projects and deployment schedules to meet stakeholder goals and expectations. Manages the change control procedure to ensure project deliverables are formally reviewed, completed within planned cost and timeframe, and closed.

Minimum Qualifications:

• Minimum 2 years or more experience in Information Technology or Information Security experience
• Must have experience with Cloud security technologie s used to measure and continuously monitor compliance.
• Regulatory Compliance – Experience with various compliance frameworks, such as Payment Card Industry (PCI), Sarbanes Oxley (SOX), CSA Cloud Control Matrix (CCM), etc.
• Disaster Recovery – Have 1 year of experience with Business Continuity or Disaster Recovery planning
• Technical Skills – Solid technical analysis and troubleshooting skills, including ability to analyze a problem or project quickly and accurately
• Communication – Strong verbal and written communication skills, especially during customer interactions
• Demonstrated ability to take initiative, action and exercise discretion when needed
• Experience with Azure, Google Cloud Platform (GCP) and/or Oracle.
• Confidentiality – Ability to maintain confidentiality is required plus
• Scripting or coding experience
• Knowledge of regulatory compliance (PCI, GDPR) and security for containers
• Bachelor's Degree in Computer Science, Information Security or related discipline, or the equivalent in education and work experience

Industry Certifications

Must possess one or more of the following information security certifications or demonstrate ability to gain a certification within 6 months of joining our team.

• Certified Information Systems Security Professional (CISSP) – Associate
• Certified in Risk and Information Security Controls (CRISC)
• Public Cloud Certification (Google Professional Cloud Security Engineer Certification preferred)

This position offers an exceptional opportunity to work for a Fortune 50 industry leader. If you are selected, you will join our dynamic technology team in making a difference to our business and customers. Do you think you have what it takes? Prove it! At UPS, ambition knows no time zone.

Employee Type:

UPS is committed to providing a workplace free of discrimination, harassment, and retaliation.

Other Criteria:

UPS is an equal opportunity employer. UPS does not discriminate on the basis of race/color/religion/sex/national origin/veteran/disability/age/sexual orientation/gender identity or any other characteristic protected by law.

Basic Qualifications:

Must be a U.S. Citizen or National of the U.S., an alien lawfully admitted for permanent residence, or an alien authorized to work in the U.S. for this employer.