Our Client is one of the leading investment banks in the world, and for their growing professional team we are looking for an Information Security Program Analyst.
Information Security Program Analyst
Feladatok
- Governance of Application System Testing standards and policies - review the standards and
make enhancements based on application assets
- Identify compliance objectives and map program deliverables to the requirements
- Document scope of assets to be included in the system security testing standard for
vulnerability assessments
- Collaborate with business and enterprise architecture team to implement changes required to
identify assets for vulnerability assessments scoping
- Document business requirements related to system enhancements and submit for reviews
and approvals
- Map out process flows for controls in systems and review for improvements to make controls
more effective
- Monitor vulnerability assessment exemption and exception requests and process based on
documented system testing standards and policies
- Collect information for generating and communicating responses for internal audit questions and deliverables promptly
- Design and implement a solution for performance measurements on effectiveness of controls
and overall vulnerability assessment program
- Analyze trends on assets security health posture and report using visualization tools for
program review with management and stakeholders
- Provide timely, accurate, and actionable reporting on application vulnerability activity, trends,
service levels, and areas of concern to senior management
- Document and standardize business rules for accurate compliance measurements and
tracking metrics based on application security testing standard
- Work with the Metrics reporting team to enhance and refine the metrics and key
performance indicators reported to senior management and external regulatory agencies
- Develop User acceptance test plans for testing changes to system enhancements that impact
governance and compliance
- Serve as a Program SME and drive open issues to a closure with appropriate resolution
- Update power point presentations monthly and quarterly for application security program
reviews
- Train and mentor team members as needed
- Weekly and Monthly Status reporting for the program
Követelmények
- 3+ years of experience in information security or related technology experience
- Experience working in an information security team defining, revising and implementing
corporate information security policies
- Experience analyzing security assessments and creating metrics visualizations for analytics
- Experience reviewing application security testing results from various testing tools
- Project Management experience a plus
- Experience with governance and implementation of security policies, standards, procedures,
programs, plans and processes
- Experience coordinating initiatives related to process control design and testing
- Professional Certifications in Information Security domain a plus
- Demonstrate an aptitude to develop and implement application security strategies and plans
based on company standards
- Familiarity with security standards such as OWASP, NIST, PCI DSS, etc.
- Consistently demonstrates clear and concise written and verbal communication
- Proven analytical, influencing and relationship management skills
Education:
- Bachelor’s degree or equivalent experience
Amit kínálunk
Competitive compensation package with extensive benefits:
- Private Medical Care Program and onsite medical rooms in our buildings
- Pension Plan Contribution to Voluntary Pension Fund
- Group Life Insurance
Flexible work arrangements
Continuous career progression opportunities across geographies and business line
An inclusive and friendly corporate culture with diverse networking opportunities
Munkavégzés helye
