Summary :
This is a full-time position for a Senior Information Security Analyst ("Security Analyst") within the
Information Security team that participates in all aspects of information security.
The Security Analyst shall act as a risk manager with the responsibility for identifying, acting on
and escalating risks and is held strictly accountable for the failure to discharge their information
security duties. The employee shall also be responsible for demonstrating risk awareness by
following all security policies, procedures and internal controls in the daily routine.
Ability to make decisions and influence decisions in the areas of risk management and
compliance are key to the role. The Security Analyst will ensure that policy and compliance
documentation, requirements and controls are properly and timely identified, mapped,
tracked, reviewed, and reported for the organization to increase security posture.
In this role he will work closely with other members of the Security Team and IT Infrastructure
Teams to manage and support security administration tasks and security projects.
Responsibilities :
Experience leading risk assessments, audits, policy, governance, and / or reporting, preferably
in a financial institution
Assist with mapping controls to policies, procedures, and processes and testing of those
controls to ensure adequate coverage
Establish and maintain security manuals
Work with control owners in the remediation and tracking of deficiencies.
Assist with increasing the maturity of the Information Security program, strategy and process.
Provide security services in identifying, assessing, managing, and tracking remediation of
information security risks related to IT infrastructure, applications, platforms and suppliers and
drive explicit requirements and timelines in all environments
Provide update to the CISO and / or CRO on progress of remediation efforts
Qualys :
- scanning for vulnerabilities and baseline configuration compliance
- monitoring new and existing vulnerabilities and working with IT and users to remediate
- Daily, Weekly, Monthly, reporting - reviewing results of reports and presenting to IT to
remediate issues
Network monitoring - Monitoring assets connected to the network scanning for assets
and reconciling with IT asset inventory
Daily monitoring of system events for malicious activity
Tufin - Firewall rule review and approval
AlienVault - SIEM - System event monitoring and analysis with follow up if issue is detected
Tipping Point - IPS - Monitoring network for signs of malicious activity or exploitation
Trellix EPO + TMS - Daily monitoring of Data Loss Prevention tools
Manage phishing campaigns, create email templates, perform testing, analyze results, and
write report
Spirion - Create scans to monitor files containing PII and ensure they are destroyed in
accordance with data retention policy
Privileged Access Management (PAM) and reporting
Chair weekly IT meeting to discuss vulnerabilities, patching, and alarms generated by IS tools
Threat Intelligence - Monitor Qualys Threat Protection Feed and CISA emails for relevant
information to protect the network
Work with vendors for troubleshooting and maintenance of IS tools
Education and Experience Requirements :
5+ years managing information security governance, risk, and compliance
Bachelor's degree in information technology or security discipline (e.g. cybersecurity) or
related worked experience
Industry recognized security certifications are a plus but not required (e.g. CISSP, CISA, CISM,
CEH, etc.)
Skills and Knowledge :
Demonstrated knowledge of industry authoritative sources such as NIST Cybersecurity
Framework, SOC2 and ISO standards, FFIEC framework and NYDFS-Part 500 regulations
Working with GRC applications and toolsets, such as RSA Archer
Proficient in Microsoft Office
Excellent written and verbal communication and presentation skills; Good command of
spoken and written English.
Interpersonal and collaborative skills; and the ability to communicate information risk-related
concepts to technical as well as nontechnical audiences
Skilled at planning, tracking plans, working cross department to review risks, controls and
processes, and gathering and organizing documentation and test results
Self-directed, works with minimal guidance, and recognizes when guidance needed
Ability to cope with pressure and responsibility
Security GRC Senior Analyst
A company is looking for a Security GRC Senior Analyst. ...
Senior Strategic Supply Chain Sourcing Manager - Senior Vice President
Senior Strategic Sourcing Manager. Banking Operations & Financial Services. Expense categories of product and services the Sr. Collections, Lending Services, Branch Equipment, ATMs, Cash Management, and Payments & Transaction processing. ...
Head of Alternative Investment Education & Content - Vice President / Senior Vice President
Work with the senior research team members to refine concepts and themes for thought leadership content. Maintain inventory of existing content, including updating data and providing new information to keep content fresh and relevant. ...
Senior Vice President of Product Marketing
Senior Vice President of Product Marketing. Are you a strategic leader with a passion for driving impactful product marketing initiatives within the financial services industry? Do you excel in crafting compelling product messaging that resonates with target audiences and drives business growth? BNY...
Senior Vice President - Strategic Advisory, Portfolio Analytics
How you'll make an impact Build, lead and manage a team dedicated to delivering growth and cycle management insights on P&C insurance leveraging Gallagher Re’s proprietary portfolio data Lead client projects, delivering data-driven analysis to support strategic recommendations Play a role developing...
Information Security Analyst
Outstanding long-term contract opportunity! A well-known Financial Services Company is looking for a Information Security Analyst in New York, NY (Hybrid). Consult on or participate in moderately complex initiatives and deliverables within Information Security Analysis and contribute to large-scale ...
Assistant Vice President, AA Cobrand, Existing Customer Marketing & Events
The Product Management Senior Analyst is an intermediate level position responsible for the development of product plans, strategies and tactics in coordination with the Product Management team. For additional information regarding Citi employee benefits, please visit Available offerings may vary b...
Administrative Assistant to the Executive Vice President, Programs
Based in our NYC office and reporting to the Executive Vice President for Programs (EVP-Programs), the Administrative Assistant provides high-quality operational and administrative support to the EVPP as well as to all programs on an as-needed basis. The Administrative Assistant will be expected to ...
Anti-Financial Crime & Compliance Model Validator - Assistant Vice President
We are looking for an Assistant Vice President to solve “hard to solve” problems associated with financial crimes and fraud detection. The California Consumer Privacy Act outlines how companies can use personal information. ...
Senior Vice President, Counterparty Risk - Stress Test Reporting
Senior Vice President, Counterparty Credit Risk. We’re seeking a future team member for the role of Senior Vice President to join our Counterparty Credit Risk team. The Senior Vice President will be responsible for counterparty credit risk management and reporting, including stress testing developme...