Information Security Analyst

Fidelity National Financial - Jacksonville, FL

posted 4 months ago

Full-time - Mid Level
Remote - Jacksonville, FL
Insurance Carriers and Related Activities

About the position

Fidelity National Financial (FNF) is seeking an Information Security Analyst to join our Information Security Office (ISO). This position plays a crucial role in evaluating exception management, IT and security risks, and threats, with the goal of reporting on identified issues. The analyst will need to understand the organization's business processes and culture to ensure that the goals and objectives align with the functional capabilities and controls related to the implementation and operation of the Information Security Program. The role involves assessing potential risks by analyzing processes and systems in accordance with existing policies, procedures, and standards. Additionally, the analyst will gather exception requests and track mitigation plans in a timely manner to ensure accountability within the program. The position can be based at our headquarters in Jacksonville, FL, which is preferred, or it can be performed 100% remotely. The analyst will assist in the design and development of the exception management program components, including the deployment, completion, and reporting of exception reporting and metrics. Responsibilities also include inputting and maintaining exception tracking tickets within the Governance, Risk, and Compliance (GRC) tool, assisting with the risk evaluation of new or existing policy exceptions, and facilitating the development and ongoing management of risk remediation plans. The analyst will develop and manage a mechanism for reporting new, current, and expiring exceptions, and will prepare status reports and presentations on a timely basis. This role requires effective communication and teamwork with other departments within FNF and its subsidiaries, along with other ISO duties as assigned.

Responsibilities

  • Assisting with the design and development of the exception management program components.
  • Deployment, completion, and reporting of exception reporting and metrics.
  • Input and maintenance of the exception tracking tickets within the GRC tool.
  • Assisting with the risk evaluation of new or existing policy exceptions.
  • Facilitating the development and ongoing management of risk remediation plans.
  • Developing and managing a mechanism for the reporting of new, current, and expiring exceptions.
  • Preparing status reports and presentations on a timely basis.
  • Collaborating with other departments in FNF and its subsidiaries.

Requirements

  • Bachelor's Degree in a technology-related field, Information Security field, or related field augmented by industry-related training programs and supported by work experience.
  • 3 - 5+ years of information security experience.
  • Experience in assessing IT and security risks, processes, functions, and controls.
  • Strong organizational, communicative, and interpersonal skills.
  • Familiarity with IT and Security principles/frameworks such as COBIT, NIST CSF, Cloud Controls Matrix, CIS CSC, ITIL, ISO 27001.
  • Ability to prepare presentations, status reports, process narratives, and workflow diagrams.
  • Excellent written and oral communication skills.

Nice-to-haves

  • Security-related certifications such as CISA, CISSP, CISM, CRISC, or Security+.
  • Experience with GRC related software.
  • Experience with Risk Management Frameworks and Unified Compliance Framework.
  • Familiarity with SOC2 or Trust Services Principles.
  • Proven ability to work independently and cross-functionally.
  • Self-starter with a proven track record of execution and results.
  • Great business judgment, ability to influence others, and strong analytical thinking.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service