Sr RCSA Analyst

TheSenior IT RCSA (Risk Control Self-Assessment) Analystwill be responsible for developing and implementing a standardized framework to identify measure, monitor and assess operational risk across IT. The RCSA Sr Analyst will work with the other 1st Line of Defense teams and is responsible for producing metrics and dashboards to measure the effectiveness of security controls. Responsibilities: Working with key stakeholders within Information Security Office and across the IT to design and implement process improvements to the risk assessment program to continue to evolve and progress the program Collaborate in a matrix environment to develop and facilitate data gathering methodology for daily, weekly, monthly reporting metrics and dashboard(s) to assess IT Security controls Providing risk assessment metrics and reporting to senior management and governance committees including but not limited to status of the assessments and trending and analysis based on the output from the risk assessments. Analyze the short and long-term effectiveness of IT Security controls implemented enterprise-wide Educate risk owners on risk control best practices and may collaborate with other lines of defense in the development and implementation of controls. Assist incompany-wide security awareness program to create intent and awareness of effective RCSA program Assists in the early identification of risk trends by establishing and monitoring key performance and risk indicators. Analyze the short and long-term effectiveness of IT Security controls implemented enterprise-wide Qualifications Bachelor's degree in information security, information assurance, computer science, management information systems, computer information systems, related discipline, or equivalent relevant experience. Minimum of 5 years' experience in one or more of the following areas: ITInternal Audit, Governance/Risk and Compliance, IT Security, or Risk Control Self-Assessments Ability to assess various controls throughout Technology and create comprehensive dashboards and metrics from multiplesources Developing, documenting, and tracking security control effectiveness Strong verbal and written communication skills and able to present to senior stakeholders with impact and influence Preferred Qualifications Experience with Archer, Tableau, or Microsoft Power BI tools 8 years as an Information Security Analyst, Administrator, or Engineer with security and privacy frameworks (such as NIST-National Institute of Standards and Technology, FFIEC-Federal Financial Institutions Examination Council, New York State Department of Financial Services, and California Consumer Privacy Act) Experiencewithcloud security and reporting tools (CloudFront or etc.) Certifications: CISM, CISSP, CEH, CISA, CRISC, CompTIA Security+, CompTIA Network+, and/or other security certification