Job Details

ID #17183266
State New Jersey
City Fairlawn
Job type Permanent
Salary USD $120,000 - $130,000
Source AMS Staffing Inc.
Showed 2021-07-23
Date 2021-07-18
Deadline 2021-09-16
Category Et cetera

Information Security Risk Analyst

New Jersey, Fairlawn, 07410 Fairlawn USA

Vacancy expired!

Please send your resume in Word format if you are interested in this Information Security Risk Analyst opening near Fair Lawn, NJ 07410. Salary for this role is $110K (some flex) + AWESOME benefits, client contributes 4.5% into 401k, bonus of 10% + 6-7% yearly employee stock ownership. Total compensation: $133K distribution in 2023. If you are not interested, please forward to your network. AMS Staffing offers referral fees should they be hired.

Job Title: Information Security Risk Analyst

Location: Fair Lawn, NJ - (2 / 3 Days WFH)

Salary: $110K

Add'l Benefits: Contributes 4.5% into 401k, bonus of 10% + 6-7% yearly employee stock ownership. Total compensation: $133K distribution in 2023

Term: Permanent / Full-Time Role

Please reply with an updated resume in Microsoft Word format

JOB DESCRIPTION:

Financial Experience Required

Overview: Responsibilities will involve support for the information security program. Reports directly to the CISO to ensure that the appropriate threat protection measures and security controls are implemented by adhering to the compliance, privacy, and regulatory standards of the bank. The role requires in-depth knowledge of cyber security technology and how to assess technological risks. The incumbent will also be responsible for designing, developing and maintaining the security metrics for the bank, participating as a member of the Cyber Incident Response Team (CIRT), and communicating effectively and taking appropriate action to reduce the overall risk to the bank and its customers. Works with the CISO to review security violation reports and investigate possible security exceptions, and updates, maintains and documents security controls.

Job Requirements:
  • At least one year in your current position, unless determined otherwise by the Bank.
  • Bachelor’s degree in related discipline is required
  • Must have a minimum 5 years of progressively responsible professional experience in information technology, information security, compliance, or risk management environment
  • Must have experience with deployment, management and reporting of compliance and security systems including network-based patch management, firewall, IDS/IPS, vulnerability and security event log management systems
  • Demonstrated extensive organizational, communication and interpersonal skills required
  • Experience working with financial regulatory agencies and 3rd party auditors is a plus
  • Demonstrated experience in business continuity, incident response, third party risk management, and information security and/or IT audit preferred
  • Industry recognized certification(s) preferred, such as: CISSP: Certified Information Systems Security Professional, CRISC: Certified in Risk and Information Systems Control, CGEIT: Certified in the Governance of Enterprise IT, CISM: Certified Information Systems Manager
  • Must be able to review and analyze data reports and manuals; must be computer proficient
  • Understanding of PC and Local Area Network (LAN) technologies, with at least 3 - 5 years of experience working with network management tools with a focus on security systems preferred
  • Understands security controls such as firewall, IDS/IPS, NGAV, SIEM, and event log monitoring, and possesses at least 5 years of experience in working with such technologies.

Responsibilities
  • Work with business units to identify information security requirements using methods that may include risk and business impact assessments. Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks. Participate in the creation of enterprise information security and risk management documents (policies, standards, baselines, guidelines and procedures). Maintains information security documentation including programs, policies, procedures, processes and guidelines designed to ensure the organization’s information security safety and soundness as well as compliance with all applicable banking regulations. Monitors and tests plans to ensure policy and procedure adherence for all system security administration and user system access.
  • Perform gap analysis between the current state of technical cybersecurity risk assessments and required criteria. Conduct technical application risk assessments and vendor risk assessments. Create and maintain the Information Security policy exceptions process. Conducts and coordinates information security assessments of GLBA, Information Security Program, FFIEC Cybersecurity Assessment Tool (CAT), and NIST CSF. Recommend action plans to address identified issues as necessary.
  • Serves as the liaison between cyber security, risk management, and information security through cyber risk identification, measurement of potential losses, regulatory needs, mitigation, monitoring, reporting and escalation processes. Ensure cybersecurity risk assessments incorporate End of Life/ End of Vendor Service software/ hardware compliance. Commits to ongoing professional education / training / certification in the Information / Cyber Security field.
  • Lead the cyber security awareness training. Maintain up-to-date detailed knowledge of the Information security and Risk Management industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. Familiar with email protection from threats including Phishing, BEC, imposter and others. Helps deliver enterprise-wide security awareness training for all employees to ensure consistently high levels of compliance with enterprise security requirements.
  • Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security. Monitor and Maintain the Security and Risk Management Framework based on FFIEC Standard.
  • Provides technical expertise in threat/risk assessments. Regularly conducts threat modeling assessments on various business channels. Works with the CISO to define, design, and implement strategies to protect against emerging threats using security tools. Defines qualitative and quantitative metrics to monitor risk and assess the success of the security program; provides regular reports to security leadership. Regularly schedules internal and external vulnerability reviews and provides KPI metrics for reporting.
