IT Security Analyst I - Risk Assurance

The Assurance and Testing Team, within Risk, Information Security, and Compliance (RISC), is responsible for completing risk assessments across many of the products, services, office and datacenter locations and enterprise tools. This team is on the cutting edge of cyber security within the largest FinTech in the world!

• Assist in implementation and audit of industry standards such as ISO/IEC 27001:2013, SOC Reporting, TISAX etc.
• Assist with the strategic objectives of the risk management program including execution of risk assessment activities, coordination of risk response and program testing and validation.
• Contribute to reviews of significant events and advise co-workers of action steps required to prevent future recurrence.
• Assist with risk assessments related to the Data Protection, Information Security and Enterprise Risk Management programs as well as other projects throughout various risk disciplines while identifying potential issues, control gaps and potential process efficiencies.
• Conduct risk analysis and present continuous control improvement ideas to team leadership.
• Create information security documentation related to work area and complete requests in accordance with company requirements.
• Respond to information security-related questions and inquiries using established information security tools and procedures.
• Resolves and/or performs follow through to resolve all information security issues and questions.
• Implement and administer information security controls using software and vendor security systems.
• Identifies opportunities and executes plans to improve workflow and understands and quantifies business impacts of those improvements for communication to management.
• Interfaces with user community to understand security needs and implements procedures to accommodate them. Ensures that user community understands and adheres to necessary procedures to maintain security.
• Provides status reports on security matters to develop security risk analysis scenarios and response procedures.

• Bachelors degree in computer science or the equivalent combination of education, training, or work experience
• Proficiency in Microsoft Office Suite
• Strong written and communication skills
• Adaptability, a drive to learn (self-motivated), and strong problem-solving skills
• Ability to work well independently and within a team
• Knowledge of networks technologies (protocols, design concepts, access control)
• Knowledge of security technologies (encryption, data protection, design, privilege access, etc.)