Lead Information Security Analyst

About The Position

Requirements

• 5+ years of Information Security Analysis experience or equivalent work experience, training, military experience, or education.
• 3+ years of experience managing cyber policy governance, including drafting policy.
• 4+ years' experience with identity and access management, infrastructure security, cryptography, data loss prevention, or incident response.
• 4+ years' experience in the development and management of complex programs in Cybersecurity or banking operations.
• 4+ years of experience in financial services or a highly regulated industry, with knowledge of the regulatory environment.
• 4+ years experience with change management principles and strategies.
• 4+ years of Technical Writing experience.
• Knowledge of COBIT, FedRamp, FFIEC, ISO, MITRE, NIST, and other key industry frameworks.
• Functional experience across two or more Cybersecurity domains.

Nice To Haves

• Experience with developing and presenting business management materials to senior management.
• Strong critical thinking skills and attention to detail.
• Advanced proficiency in MS Word, Excel, and PowerPoint.
• Experience with agile methodology and Atlassian products.
• Experience with data aggregation and reporting tools like Tableau.

Responsibilities

• Lead a policy governance body to identify, formulate, and implement Cybersecurity policies and procedures.
• Provide advanced information security consultation for compliance policy, risk management, and remediation.
• Direct information security risk assessments and recommend remediation plans.
• Influence stakeholders on changes to assets to impact control decisions.
• Consult on complex security issues and findings, managing critical information assets.
• Evaluate and interpret internal and companywide information security policies and participate in decision-making.
• Advise on the development and delivery of Information Security Education and Awareness.
• Collaborate with peers and managers to resolve issues and achieve goals.
• Coordinate with vendor managers on third-party assets to manage information security risks.
• Mentor less experienced staff and lead complex Cybersecurity policy governance areas.
• Develop and execute Cybersecurity policy governance strategies and annual activities.
• Deliver periodic business and operating reports, identifying risks and issues.
• Build strong relationships with program sponsors and key stakeholders.
• Deliver clear and actionable communication to various levels of the organization.

Benefits

• Diversity and inclusion initiatives
• Drug and alcohol-free workplace
• Accommodations for applicants with disabilities