C Credit Acceptance
Informaiton Security Analyst
US-MI-Southfield
Feb 2

--------------------------------------------------------------------------------

JOB DESCRIPTION
---------------------------------------------------
Information Security Analyst - Southfield, MI

 

- Relevant Work Experience: 1+ to 2 Years

- Education Level: Bachelor's Degree

 

Company Information:

Founded in 1972 by Don Foss, the world's largest independent used car

dealer in the 1970s and 1980s, Credit Acceptance provides vehicle

loans to consumers regardless of their credit history. Without our

Company, consumers may be unable to purchase a vehicle, may purchase

an unreliable one, or may not have the opportunity to improve their

credit standing. To date, Credit Acceptance has helped to change the

lives of nearly 300,000 consumers.

 

Offered through a nationwide network of over 1300 automotive dealer-

partners, our Guaranteed Credit Approval Program provides dealer-

partners with the opportunity to deliver credit approvals to

consumers within 30 seconds through the Internet using our patented

Credit Approval Processing System (CAPS). Headquartered in

Southfield, Michigan, with an additional call center in Henderson,

Nevada, Credit Acceptance is a 750-employee growing and progressive

Company lead on the values of honesty, teamwork, learning, urgency

and fun. Credit Acceptance is publicly traded under the symbol CACC.

For more information, visit www.creditacceptance.com.

 

General Duties/Essential Functions:

q Responds to security events escalated by external managed

security monitoring company.

 

q Compiles and disseminates security incident reports.

 

q Develops procedures, guidelines, standards and best practices

related to security including platform standards, firewall rules, and

router access controls.

 

q Responsible for interacting with auditors, clients and third

party inquiries in the area of information security.

 

q Maintains vendor relationships in the area of Information

security.

 

q Assists with the clarification of individual information

security responsibility and accountability so that necessary

information security activities are performed as needed, according to

pre-established procedures, policies and standards.

 

q Investigates the ways that information security related

technologies, requirements statements, internal processes, and

organizational structures can be used to achieve the goals found in

the Credit Acceptance strategic plan.

 

q Understands the fundamental business activities performed by

Credit Acceptance, and based on this understanding, suggests

appropriate information security solutions that adequately protect

these activities.

 

q Performs periodic Credit Acceptance risk assessments that

identify current and future security vulnerabilities, determines the

level of risk that management has currently accepted, and identifies

the best ways to reduce information security risks.

 

q Assists with the establishment and refinement of procedures

for the identification of Credit Acceptance information assets as

well as the classification of these information assets with respect

to criticality, sensitivity, and value.

 

q Prepares post mortem analyses of information security

breaches, violations, and incidents to illuminate what happened and

how this type of problem can be prevented in the future.

 

q Stays informed about the latest developments in the

information security field, including new products and services,

through online news services, technical magazines, professional

association memberships, industry conferences, special training

seminars and other methods.

 

q Responsible for technical administration of the Intrusion

Detection and Identity Access Management systems.

 

Background Requirements:

q 1-2 years in a position dealing with information security

required

 

q Bachelor's Degree required

 

q Familiarity with Sarbanes-Oxley, GLBA and ISO 17799 required

 

q Familiarity with Firewalls, Computer Forensics, and Intrusion

Detection required

 

q Security certifications (CISSP, Security+, GIAC, etc.) are

preferred

 

Abilities and Skills Profile:

 

q Strong technology (computer) skills required

 

q Windows and Unix experience strongly preferred

 

q Ability to balance security best practices with business

objectives

 

q Detail oriented

 

q Strong written and oral communication skills

 

q Strong analytical skills

 

q Strong organizational skills

 

Contact Information:

Company: Credit Acceptance Corporation

Email: humanresources@creditacceptance.com