Information Security Analyst - Attack Surface Reduction Governance and Execution
$57,000 - $99,000/Yr
TD Bank - Mount Laurel, NJ
posted 4 days ago
Full-time - Mid Level
Hybrid - Mount Laurel, NJ
Credit Intermediation and Related Activities
About the position
The Senior Information Security Analyst defines, develops and/or implements Technology Controls / Information Security related policies, programs, tools and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank. Participates on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level for own area.
Responsibilities
- Participates on projects of moderate to high complexity
- Acts as a key resource and subject matter expert in at least one technology niche/ field and/or line of business
- Conduct risk assessments to evaluate, prioritize, and address potential threats
- Build and implement approach for efficient risk mitigation, leveraging essential risk frameworks
- Continuously monitor and update risk assessments to reflect changes in the threat landscape
- Articulate risks, threats, and issues clearly and effectively to various stakeholders
- Facilitate discussions to resolve risk-related concerns and achieve consensus on risk treatment and mitigation strategies
- Promote a culture of compliance and risk awareness throughout the organization
- Define, create, and maintain processes and procedures that support the Attack Surface Reduction organizational objectives
- Ensure that all processes are aligned with organizational goals and industry best practices
- Assist in the implementation and enforcement of these processes across the organization
- Support regular audits to ensure compliance with established risk management practices
- Manage the risk treatment workflow, ensuring that all identified risks are appropriately addressed
- Continuously monitor assessments to ensure alignment with governance and compliance controls
- Maintain an advanced understanding of relevant policies, standards, and regulations
- Research and apply compliance measures to ensure adherence to organizational and industry standards
- Identify and assess risks through technical analysis and threat assessments
- Collaborate with technical teams to address cyber issues and enhance the overall security posture
Requirements
- Bachelor's degree preferred
- Information security certification / accreditation an asset
- 5-7 years of relevant experience
- Proficient to advanced knowledge of organization, technology controls / security/ risk issues
- Intermediate level of technical knowledge in support of threat hunting operations
- CISSP, CCSP, CRISC certifications are preferred
Benefits
- Base salary and variable compensation/incentive awards
- Health and well-being benefits
- Savings and retirement programs
- Paid time off (including Vacation PTO, Flex PTO, and Holiday PTO)
- Banking benefits and discounts
- Career development opportunities
- Reward and recognition programs
