Janus Henderson Investors Security Analyst in Denver, Colorado
Janus Henderson Global Investors is a leading independent global asset manager, dedicated to delivering the best outcomes for clients through a broad range of actively managed funds.
We provide our institutional, retail and high net-worth individuals with access to skilled investment professionals representing a broad range of asset classes including, equities, fixed income, multi asset and alternatives.
We are a team of independent thinkers who work tirelessly to help our clients achieve their goals – and we do it by fostering an energetic and collaborative culture that ensures our people love the place they work.
Headquartered in London, Janus Henderson is a truly global asset manager with a diverse geographic footprint, managing assets from 27 offices globally and employing more than 2,000 staff.
Overview of the Role
The Security Analyst is responsible for developing, monitoring, evaluating and maintaining systems and procedures to protect the confidentiality, integrity and availability of information systems. This position evaluates existing data security procedures and identifies new areas of risk as well as reviewing new security applications. The position performs vendor risk assurance on the security of external vendors. The position communicates with non-technical audiences about security topics, and collaborates with technical engineers on security implementation. This is a technical position that requires knowledge of security industry standards, provide technical security recommendations and/or solutions around systems and networks, and have a solid understanding of overall IT architecture.
Duties and Responsibilities
Coordinate the third party vendor risk management program for Information Security
Assess the security posture of external third parties that the company utilizes to conduct its operation and recommend mitigating controls for deficiencies
Plan, coordinate, and implement security measures to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of information
Perform risk assessments and execute system tests to ensure proper functioning of data processing activities and security measures
Assist in the vulnerability assessment and scanning program
Perform security incident investigations including: chain of custody, containment measures, root cause analysis, and identification of preventive measures
Verifies security controls in new and existing computer systems conform to security policies and guidelines.
Identify potential security risks, and document remediation options or mitigating controls.
Assists in the development and communication of an overall, company-wide security strategy to identify and protect critical information and accessibility on the computer network
Assist in integrating regulatory compliance requirements (e.g., SOX, GLBA) into the organizational security roadmap
Evaluate and implement security related solutions, adhering to established change control processes
Assist with the implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices
Creates, designs and implements processes for the production environment to identify unauthorized access and malicious activity
Participate in the Information Security on-call rotation
Assumes additional duties as assigned
Technical Skills and Qualifications
Two to Five years’ experience in information security.
Excellent verbal and written communication skills with Business Partners & Vendors.
Intermediate to advanced knowledge in incident response and intrusion detection systems, and security scanner tools.
Proficient in the security of Windows and UNIX (security access rights, configuration best practices, and potential vulnerabilities).
Analytical ability to gather and summarize information, find solutions to various tactical and strategic problems and prioritize work
Intermediate knowledge of the OSI model and security that is associated with each layer.
Intermediate knowledge of wide area network security as it pertains to networking protocols and connectivity to/from outside resources (switches, routers, firewalls, VPNs, encryption, and authentication methods).
Intermediate knowledge of SQL, and modern scripting languages.
Ability to manage multiple projects and tasks.
Bachelor’s Degree in Computer Science and/or related field preferred.
Intermediate to advanced security related certifications preferred (Security+, CEH, CISSP, OSCP, etc).
Ongoing competence in the role to be assessed by:
Annual Performance Appraisal
Completion of all assigned Compliance training
Working Environment/Physical Activities
PC usage up to 100% of the time.
Basic office equipment such as telephone, fax machine, copier, etc.
Digital Pager and Cell Phone may be required.
Business travel may be required.
Overtime and weekend hours may be required.
Janus Henderson Investors (including its subsidiaries) will not maintain existing or sponsor new industry registrations or licenses where not supported by an employee’s job functions (as determined by Janus Henderson Investors at its sole discretion).
All applicants must be willing to comply with the provisions of Janus Henderson Investors' Investment Advisory Code of Ethics related to personal securities activities and other disclosure and certification requirements, including past political contributions and political activities. Applicants’ past political contributions or activity may impact applicants’ eligibility for this position. Janus Henderson Investors is an equal opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. All applications are subject to background checks.