2 Information Security Analyst III (Security Process Assurance & Regulatory Compli Jobs in Winchester, VA
Navy Federal Credit Union is Hiring an Information Security Analyst III (Security Process Assurance & Regulatory Compli Near Winchester, VA
Overview
The Information Security Analyst will be an expert in information security risk, risk management, security control interpretation, control assessments, standards, and enterprise Governance, Risk and Compliance (GRC) tool operations (i.e. Service Now, Logic Manager). The analyst will understand how NFCU standards apply to the Framework controls, and be able to interpret and articulate both while working across the enterprise to ensure alignment. The analyst will be a specialist in contemporary information and cybersecurity threats and be able to advise on mitigation to business units. The analyst will have expertise to advise projects, programs, and strategic initiatives for secure design and development of organizational systems.
This position is eligible for the TalentQuest employee referral program. If an employee referred you for this job, please apply using the system-generated link that was sent to you.
Responsibilities
- Analyzes and evaluates existing information security programs and procedures to protect corporate information systems assets from intentional or inadvertent modification, disclosure, or destruction.
- Offer expertise, written and oral, with excellent customer service, in interpretation of security controls, risk and overall results to business units and leadership as needed.
- Analyze, articulate and write control assessment results, from manual and automated methods, in addition to the operational and residual risk of the asset/system. Communicate often results with the customer in order to facilitate remediation as quickly as possible.
- Understand and execute the NIST Cyber Security Framework (CSF), risk management, and applied security controls from NIST, PCI DSS, NCUA, CFPB and other FFIEC control standards as assigned.
- Conduct comprehensive security control assessments according to NIST frameworks to (examine, interview, test) systems and assets.
- Write guidelines for stakeholders pertaining to the enterprise framework, control assessments, remediation plans, and other topics as directed; Work with the communications team in refining products to make appropriate for intranet consumption.
- Document issues as findings within the relevant tool; track remediation plans with business units; track, report on, and understand existing security exceptions for assigned systems or assets.
- Run recurring compliance (findings) reports as needed from the GRC tool that are accurate, timely, and in a format presentable for executives and business unit stakeholders.
- Write and update standards as directed, identifying and communicating gaps and changes as needed. Understand their mapping to specific security controls within the GRC tool. Interpret, explain and educate the standards to customers as needed.
- Performs risk assessments of business processes, systems and applications.
- Analyzes and evaluates the design and operating effectiveness of Information technology and security controls that are in place.
- Evaluates current business practices against regulatory and industry benchmarks.
- Performs assessments of new and existing vendors' IT environments in protecting Navy Federal information assets from data compromise and/or identity theft.
- Communicates with internal Navy Federal personnel to understand the services and/or products being provided by the vendor.
- Evaluates the security controls the vendors have in place.
- Assesses a residual risk rating for the vendor based upon their control environment.
- Communicates with vendor personnel throughout the review process.
- Communicates status of reviews to Information Security management and internal business stakeholders.
- Assists with the education of staff on the requirements of information security and the efforts to improve information security awareness.
- Performs other related duties as assigned.
Qualifications
- Bachelor's Degree in a related field or the equivalent combination of training, education, and experience.
- Extensive experience in computer and information security assessment, administration, and management. (3 years years)
- Extensive experience in the evaluation and assessment of security risks and controls in place around business processes, systems and applications. (3 years)
- Extensive experience in the evaluation and assessment of security risks and controls in place at third party suppliers that access, process or store confidential data. (3 years)
- Comprehensive knowledge and understanding of best practices, trends related to information security.
- Comprehensive knowledge of information security regulations and legislations.
- Knowledge of NCUA and FFIEC regulations, GLBA, NIST and other information security requirements and frameworks.
- Formal project management experience which includes organization skills, managing strategy, project communications (internal and external to team), and planning and directing the work of participants.
- Strong research, analytical, and problem solving skills.
- Highly developed communication skills including preparing and presenting results, findings, recommendations and influencing management decision making based on the best available data.
- Excellent writing skills with experience drafting Executive-level documents.
Desired Qualifications
- Experience in the financial services field highly preferred.
- Experience with security systems, assessment tools, and technical security.
- Professional certifications (CISSP, Cloud, etc.) or a reasonable expectation to obtain the certification.
Hours: Monday - Friday, 8:00AM - 4:30PM
Location: 820 Follin Lane, Vienna, VA 22180 | 5510 Heritage Oaks Drive Pensacola, FL 32526 | 141 Security Drive Winchester, VA 22602
About Us
Navy Federal provides much more than a job. We provide a meaningful career experience, including a culture that is energized, engaged and committed; and fierce appreciation for our teams, who are rewarded with highly competitive pay and generous benefits and perks. * Best Companies for Latinos to Work for 2024* Computerworld Best Places to Work in IT* Forbes 2024 America's Best Large Employers* Forbes 2023 The Best Employers for New Grads* Fortune Best Workplaces for Millennials 2023* Fortune Best Workplaces for Women 2023* Fortune 100 Best Companies to Work For 2024* Military Times 2023 Best for Vets Employers* Newsweek Most Loved Workplaces * Ripplematch Campus Forward Award - Excellence in Early Career Hiring* Yello and WayUp Top 100 Internship ProgramsFrom Fortune. 2024 Fortune Media IP Limited. All rights reserved. Used under license. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of, Navy Federal Credit Union.Equal Employment Opportunity: Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability EOE/AA/M/F/Veteran/DisabilityHybrid Workplace: Navy Federal Credit Union is a hybrid workplace, and details will be discussed during your interview process.Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team's discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market positionBank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.Job Summary
Full Time
Banking
$95k-118k (estimate)
09/12/2024
11/11/2024
navyfederal.org
VIRGINIA BEACH, VA
3,000 - 7,500
1933
$5B - $10B
Banking
Related Companies
About Navy Federal Credit Union
Navy Federal Credit Union is the worlds largest credit union with over 10 million members, over $146 billion in assets, and over 23,000 employees. As a credit union, we have members, not customers. At our campuses in Vienna, VA, Pensacola, FL, Winchester, VA, and in our more than 340 branch offices, we serve the men and women of the Armed Forces, Department of Defense, veterans, and their families. We deliver world-class service, rooted in the belief that it is an honor and privilege to serve our members. We are committed to providing our members outstanding financial products and services. Na...vy Federal offers a career, not just a job. We are proud of the robust total rewards package we offer to our employees, including competitive salaries, incentive programs, comprehensive medical, dental and vision benefits, retirement plans with employer match, award winning training programs, professional development programs, tuition assistance, paid leave, and work/life programs. Federally insured by NCUA. Equal opportunity employer. Android is a trademark of Google, Inc. iPhone is a registered trademark of Apple, Inc. iPad is a registered trademark of Apple, Inc. App Store(SM) is a service mark of Apple, Inc. Message and data rates may apply. FORTUNE and 100 Best Companies to Work For are registered trademarks of Time Inc., and are used under license. FORTUNE and Time Inc., are not affiliated with, and do not endorse products or services of, Navy Federal Credit Union. For more info, visit navyfederal.org Equal Housing Lender
More
Show less
Similar Jobs
Popular Articles
