Information Security Analyst - Issue Remediation
Company: Vector Talent Resources, Inc.
Location: Vienna
Posted on: March 20, 2023
Job Description:
Location: 100% Remote
Client: Major Financial Institution ($160 Billion in Assets, 21,000
Employees)
Contract Duration : 6 months+
Benefits: Medical, Dental, Vision, PTO, and Paid Holiday
Pay: $80/hour
The Information Security-Issues Remediation (ISIR) Analyst will be
experienced in reviewing issue/finding remediation plans and
ensuring they are able to address the issues identified and if
needed that those plans can be validated and are within an
acceptable timeframe. The ISIR analyst should have prior
issues/findings experience especially with remediation plans and
validation of implementation, this could be from Internal Audit,
Risk, or Regulatory experiences.
In addition to remediation experience, they should understand risk
framework implementation, risk management, security control
interpretation, control assessments, standards, and enterprise
Governance, Risk and Compliance (GRC) tool operations (i.e.,
ServiceNow, Archer, Logic Manager). The ISIR Analyst will
understand how information security standards apply to the business
and be able to articulate need for controls.
The ISIR Analyst will be responsible for supporting the daily
operations of reviewing remediation plans and conducting follow up
activities. Researching issues, facilitating meetings, and aiding
the business to ensure the comprehensiveness and detail of their
exception remediation plans and progress on their timelines until
closure. Evaluate exception issue remediation plans as they come up
for re-review/renewal/expiration.
Responsibilities
- Review remediation plans to ensure they are actionable, timely,
and can be validated to ensure remediation of the issues
identified
- Set up meetings with stakeholders within IT and across the
credit union to assess and discuss progress of remediation plans
and document accordingly in the system
- Perform work withing Logic Manager, Archer and Service
Now
- The analyst may also be asked to assist as needed with the
following other duties of the team:
- Assess exceptions requests and ensure the completeness and
accuracy of the submission to allow for evaluation by
management.
- Leverage various communications channels and conduct meetings
to obtain required information.
- Support the Data Transfer Authorization (DTA) process
- Work within the Archer platform
- Support metrics and reporting around Exceptions and DTA
processes.
- Seek out and share opportunities to introduce process
efficiencies.
- Support migrating processes to being managed and facilitated
through ServiceNow GRC platform.
- Aid the business units in understanding and acting on
Standards, including support and review of procedures, hardening
standards, and directives.
- Keep current with Information Security best practices and
industry trends and communicate/apply these practices to policy
improvements and compliance actions.
- Develop and maintain a thorough understanding of Information
Security industry standards/trends, best practices, processes, and
technology; communicate information to team members as
appropriate.
Qualifications
- Experience in Internal Audit, Risk, or Regulatory with a focus
on finding/issue remediation
- Issue/Finding remediation tracking and validation
- Experience in the credit union/financial services industry with
a focus on regulatory frameworks, information security assessments,
and remediation activities
- Experience in information security processes, concepts,
principles, and methodologies
- Experience in audit and information security risk
assessments
- Knowledge of applicable federal and state laws, rules, and
regulations (i.e., Federal Financial Institutions Examination
Manual (FFIEC), National Information of Standards and Technology
(NIST), and International Standards Organization (ISO)
- Knowledge of NCUA, FFIEC, GLBA, NIST (including the Cyber
Security Framework and 800 Series), ISO 27001/27002, SANS/CIS 20,
PCI DSS, and other Information Security requirements and
frameworks
- Experience that demonstrates knowledge of data security
practices and procedures, including risk assessment, authentication
technologies, and security attack pathologies
- Effective planning and organizational skills
- Effective research, analytical and problem-solving
skills
- Strong verbal, written and interpersonal communication skills,
including technical writing
- Bachelor's Degree in business, information systems or related
field or equivalent work/military experience
- CISSP, CISA, CCSP, CRISC or other Information Security
certifications
- Ability to present findings and conclusions clearly and
concisely
- Experience in working with all levels of staff, management,
stakeholders, and third parties
- Ability to build effective relationships through rapport,
trust, diplomacy, and tact
- Strong word processing and spreadsheet software skills
Remains cognizant of and adheres to the client's (Financial
Institution) policies, procedures and regulations pertaining to the
Bank Secrecy Act.
Vector Talent Resources is an Equal Opportunity/Affirmative Action
employer. All qualified candidates will receive consideration for
employment without regard to disability, protected veteran status,
race, color, religious creed, national origin, citizenship, marital
status, sex, sexual orientation/gender identity, age or genetic
information.
Keywords: Vector Talent Resources, Inc., Washington DC , Information Security Analyst - Issue Remediation, Professions , Vienna, DC
Didn't find what you're looking for? Search again!
Loading more jobs...