Description of Position:
The future of banking is here! We’re building the next generation of banking technology and actively transforming the way we operate. In turn, our Enterprise Information Security department is hiring folks at all levels, from Analyst to Manager.
Enterprise Information Security (EIS) is integrated with the Technology Division (860+ people), and is responsible for enabling secure innovation and business growth for 13,000 employees across 11 states. What’s great about our department is that we laugh with each other, have Executive and Board level visibility and support for our work, and are driving highly visible, enterprise-wide initiatives. We’re focused on creating business value and are seeking like-minded professionals to join our team!
Tasks and Responsibilities:
The Information Security Risk Assessment (ISRA) team helps us move at the speed of business by providing actionable cyber risk decision support. We’re seeking a Risk Analyst for the Information Security Risk Assessment team to perform risk analysis in identifying, classifying, and collaboratively mitigating cyber risk enterprise-wide. You are an analytical thinker, collaborative team player, and an effective, dynamic communicator, able to bridge the gap between business demands and cybersecurity requirements.
This role requires someone who is humble, hungry, and an effective relationship builder with a deep understanding of cyber risk, and the ability to articulate that risk in business terms. The ideal candidate will:
Required Skills, Abilities, and Certifications
- Write and edit reports, assessments, and other documents to provide decision support information regarding security risks and controls to executives, project managers, system owners, business unit managers and others.
- Contribute to the enhancement/refinement of the Information Security Risks & Controls library.
- Manage and perform cybersecurity assessments on emerging/ongoing business initiatives, third-party services and critical infrastructure by assessing the impact and likelihood of risk.
- Assess the impact of potential adverse events.
- Evaluation of a third party by reviewing a third-party questionnaire and evidence of their controls.
- Utilize and maintain systems and procedures to assess the security of information systems.
- Act as an advocate for Information Security to help the business understand information security risks, standards, and best practices.
- Contribute to documentation of Information Security Policies, Standards, Processes, and Procedures.
- Frequent internal and external customer contact. Represents the organization on projects and may perform in project leadership role and/or may supervise the activities of individual contributors.
- Keep pace with emerging technology, cyber threats, and industry trends around cybersecurity.
- Other duties as assigned.
Let’s talk about you:
- Requires a Bachelor’s in Computer Science or other Information Systems related degree or 4+ years of experience in Cybersecurity.
- Requires experience in cybersecurity risk analysis and related security products/systems.
- Requires demonstrable knowledge of information security standards, data security practices and procedures, network security, application security, and database security.
- Requires understanding the impact of various data protection and integrity controls, operating systems and network security controls, authentication controls, and security protocols.
- Requires strong analytical, interpersonal and communication skills.
- Requires demonstrable knowledge of security principles to a diverse range of risk scenarios to coordinate acceptable solutions between business needs, technology operations, and information security best practices.
- Comfortable working with limited oversight to coordinate and accomplish needed efforts. Independently determines and develops approach to solutions.
- lead by example?
- have experience inspiring and maximizing others’ efforts?
- leverage your own technical expertise to inform and guide others?
- enjoy collaborating with and influencing others to achieve the right outcomes?
- get excited to work on implementing leading-edge solutions against enterprise challenges?
- demonstrate persistence in reaching goals in the face of adversity?
- function as team player who isn’t afraid to challenge the status quo?
- want to work on a team where your input matters?
- think in terms of confidentiality, integrity, and availability?
- excel in learning things quickly and thoroughly?
- transform ambiguity into focused, productive, impactful outcomes?
- love to get things done, the right way, the first time?