Don't worry, we can still help! Below, please find related information to help you with your job search.
- Information Security Analyst
- Information Security Incident Analyst
- Lead Information Security Analyst
- Business Information Analyst Ii
- Information Security Analyst Intern
- Information Security Analyst Remote
- Information Security Analyst Junior
- Remote Information Security Analyst
- Security Information Analyst
- Information Security Professional Ii
Information Security Analyst Ii
Company | Navy Federal Credit Union |
Address | , Remote |
Employment type | FULL_TIME |
Salary | $85,500 - $146,300 a year |
Expires | 2023-06-18 |
Posted at | 1 year ago |
YOUR LIFE'S MISSION: POSSIBLE
You have goals, dreams, hobbies and things you’re passionate about.
What’s Important to You Is Important to Us
We’re looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them—friends, family and passions. And we're looking for team members who are passionate about our mission—making a difference in military members' and their families' lives. Together, we can make it happen.
Don’t take our word for it.
- Computerworld® Best Places to Work in IT
- Fortune 100 Best Companies to Work For®
- Yello and WayUp Top 100 Internship Programs
- Military Times 2022 Best for Vets Employers
- Fortune Best Place to Work for Financial and Insurance Services
- Fortune Best Workplaces for Women
- Ripplematch Campus Forward Award – Excellence in Early Career Hiring
- Forbes® 2022 The Best Employers for New Grads
Basic Purpose
Responsibilities
- Performs other related duties as assigned.
- Communicates with internal Navy Federal personnel to understand the services and/or products being provided by the vendor
- Performs risk assessments of business processes, systems and applications
- Assesses a residual risk rating for the vendor based upon their control environment
- Analyzes and evaluates the design and operating effectiveness of Information technology and security controls that are in place
- Assists with the education of staff on the requirements of information security and the efforts to improve information security awareness.
- Write and update standards as directed, identifying and communicating gaps and changes as needed. Understand their mapping to specific security controls within the GRC tool. Interpret, explain and educate the standards to customers as needed.
- Understand and execute the NIST Cyber Security Framework (CSF), risk management, and applied security controls from NIST SP 800-53, PCI DSS, ISO 27002, and other control standards as assigned.
- Performs assessments of new and existing vendors’ IT environments in protecting Navy Federal information assets from data compromise and/or identity theft.
- Evaluates the security controls the vendors have in place
- Communicates with vendor personnel throughout the review process
- Communicates status of reviews to Information Security management and internal business stakeholders
- Run recurring compliance (findings) reports as needed from the GRC tool that are accurate, timely, and in a format presentable for executives and business unit customers.
- Document issues as findings within the GRC tool; track remediation plans with business units; track, report on, and understand existing security exceptions for assigned systems or assets;
- Analyze, articulate and write control assessment results, from manual and automated methods, in addition to the operational and residual risk of the asset/system. Communicate often results with the customer in order to facilitate remediation as quickly as possible. Results are written in the enterprise GRC tool.
- Write guidelines for customers pertaining to the enterprise framework, control assessments, remediation plans, and other topics as directed; Work with the communications team in refining products to make appropriate for intranet consumption.
- Conduct comprehensive security control assessments according to NIST SP 800-53A Appendix F (examine, interview, test) of systems and assets.
- Analyzes and evaluates existing information security programs and procedures to protect corporate information systems assets from intentional or inadvertent modification, disclosure, or destruction.
- Offer expertise, written and oral, with excellent customer service, in interpretation of security controls, risk and overall results to business units and leadership as needed.
- Evaluates current business practices against regulatory and industry benchmarks
Qualifications
- Extensive experience in computer and information security assessment, administration, and management (3+ years)
- Extensive experience in the evaluation and assessment of security risks and controls in place at third party suppliers that access, process or store confidential data. (3+ years)
- Formal project management experience which includes organization skills, managing strategy, project communications (internal and external to team), and planning and directing the work of participants
- Comprehensive knowledge of information security regulations and legislations
- Knowledge of NCUA and FFIEC regulations, GLBA, NIST and other information security requirements and frameworks
- Strong research, analytical, and problem solving skills
- Highly developed communication skills including preparing and presenting results, findings, recommendations and influencing management decision making based on the best available data
- Comprehensive knowledge and understanding of best practices, trends related to information security
- Extensive experience in the evaluation and assessment of security risks and controls in place around business processes, systems and applications. (3+ years)
- Excellent writing skills with experience drafting Executive-level documents
- Bachelor’s Degree in a related field or the equivalent combination of training, education, and experience
Desired
- Advanced college degree in information security, cyber security, information technology, etc.
- Professional certification (CISSP, CISA, CRISC) or a reasonable expectation to obtain the certification
- Experience with security systems, assessment tools, and technical security
Hours: Monday - Friday, 8:00AM - 4:30PM
Location: 820 Follin Lane, Vienna, VA 22180 | 5550 Heritage Oaks Dr. Pensacola, FL 32526 | 141 Security Dr. Winchester, VA 22602 | Remote
Navy Federal is now hybrid! Our standard enterprise requirement for a hybrid schedule is to report on-site 4-16 days each month. The number of days reporting on-site will ultimately be determined by the employee's leadership and business unit needs. You will learn more throughout the hiring and on boarding process.
Salary Range: $85,500 - $146,300 annually
Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position.
Posting End Date: 4/21/23
Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team’s discretion based on qualified applicant volume.
#LI-Hybrid
Equal Employment Opportunity
Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability
Disclaimer
Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position.
Bank Secrecy Act
Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.
-
Systems Analyst - Excel, Xml, Sql, Scripting
By CyberCoders At Salt Lake City, UT, United States 7 months ago
-
(Senior) Finance & Shared Services Manager
By Catholics For Choice At Washington, DC, United States 7 months ago
-
Paralegal - Probate Administration
By CyberCoders At Miami, FL, United States 7 months ago
-
Account Executive - Automotive Software
By ECW Search At United States 7 months ago
-
Construction Project Coordinator Jobs
By CyberCoders At River Falls, WI, United States 7 months ago