Information Security Analyst

Type: Contract

Work Location (Remote, Hybrid or Both?): Hybrid, onsite twice a week - Mt Laurel, NJ

Duration: 12 months

Summary Of Day-to-day Responsibilities

• Define, develop and implement program on applications', in assigned business, compliance to standards and respond to questionnaires adjusting to target audience; serve as key liaison and contact for stakeholder groups
• Provide consultation and advice to partners on a broad range Technology Controls / Information Security programs / policies / standards and incidents including regulatory compliance requirements and reporting
• Conduct project consulting on assessment of risk, definition of required controls, appropriateness of implemented control procedures, vulnerability assessments and any other relevant areas
• Lead or contribute to completion of risk and control design assessments for applications in assigned business, communicate and document impact of control gaps to the business and the overall Bank, risk mitigation, remediation plans, and remediation strategy
• Contribute to the definition, development, and oversight of a global security management strategy and framework.
• Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against TDBG’s business.
• Develop on-going Technology Risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area
• Adhere to internal policies / procedures, technology control standards, and applicable regulatory guidelines
• Work collaboratively within Enterprise Protect & Office of the CISO (EP&OCISO), TD Securities and with other key stakeholders, on activities targeting the management of operational risks associated with technology
• Understand the business implications of technology risks and the commensurate security and IT risk strategies associated with these risks; escalating urgent issues in a time appropriate manner
• Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement
• Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
• Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise
• Define / develop / implement / manage standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency and effectiveness
• Actively manage relationships with other areas of Technology / businesses / corporate and/or control functions and ensure alignment with enterprise and/or regulatory requirements
• Keep abreast of emerging issues, bank policies/standards/processes, trends, and evolving regulatory requirements and assess potential impacts to the Bank
• Participate in business specific / cross-functional / enterprise initiatives as a subject matter expert helping to identify risk / provide guidance
• Identify and recommend opportunities to enhance productivity, effectiveness and operational efficiency
• Establish effective relationships across multiple business and technology partners, program and project managers
• Participate in knowledge transfer within the team and business units
  
  

Must Have

Risk management exp

Cyber security exp

Governance exp

Info sec experience

Coupa

3rd party risk experience

3rd party risk assessments exp

Cloud security exp

Network security exp

DLP exp

Identity access management and encryption

NICE TO HAVE

Managing a small team experience

Experience as a team lead

Archer exp