Pay Rate- $62.43
OVERVIEW:
Leads a security practice focused on specialized assessment of security controls for systems and applications. Leverages a risk-based approach to ensure appropriate security principles and controls are applied during the system development life cycle to meet stakeholder objectives and protect customer and corporate assets in line with enterprise risk appetite.
PRIMARY RESPONSIBILITIES:
Obtain a basic understanding of enterprise architecture to identify security gaps, develop controls and design solutions meeting business objectives while complying with security standards.
Recommend security controls required to protect confidentiality, integrity and availability of customer and corporate data in line with the enterprise risk appetite based on Bank policy and standards.
Document and verify recommended security controls are aligned with Bank policies and standards as well as industry best practices; ensure proper documentation of exceptions to standards and/or recommend mitigating controls.
Prepare required systems and applications security documentation, ensuring alignment with applicable laws, regulations, Bank policies and standards, as well as industry best practices. Present and explain standards relevant to projects and need for compliance.
Communicate required systems and applications security controls to owners or technical leads, ensuring alignment with applicable laws, regulations, Bank policies and standards, as well as industry best practices.
Engage with other Solutions Architects and Technology teams to identify security risks of proposed projects and recommend system and application modifications.
Remain current with industry trends and security threats.
Understand and adhere to the Company's risk and regulatory standards, policies and controls in accordance with the Company's Risk Appetite. Identify risk-related issues needing escalation to management.
Promote an environment that supports diversity and reflects the *** brand.
Maintain Company's internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
Complete other related duties as assigned.
EDUCATION AND EXPERIENCE REQUIRED:
Minimum of 2 years higher education and 3 years relevant work experience, or in lieu of a degree, a combined minimum of 5 years higher education and/or work experience, including a minimum of 3 years relevant work experience.
Basic knowledge of cybersecurity principles and organizational requirements relevant to confidentiality, integrity, availability.
Basic understanding of information technology security principles.
Basic knowledge of security controls.
Experience working in a group environment and completing tasks in a timely fashion.
EDUCATION AND EXPERIENCE PREFERRED:
Bachelors Degree.
CISSP (Certified Information Systems Security Professional) or CRISC (Certified Risk and Information Systems Control) certification or Cybersecurity domain-related industry-recognized certification.
Self-motivated.
Willing to learn in a fast-paced environment.
Basic experience with information technology security concepts and technologies.
GIAC Security Essentials (GSEC), Certified Ethical Hacker (CEH), Security + certification or related certification.
Basic knowledge of security technologies and architecture, including at least two of the following: encryption, cloud network security design, Role Based Access Control, perimeter security and application security.
Basic understanding of how to protect information systems from cybersecurity threats.
EEO:
Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans. •
Last updated on Nov 13, 2023