The Information Security Analyst reports to the CISO and is responsible for specific aspects of the security program including regulatory reporting, metrics/KPIs, training and awareness, security process integration and risk management.
ESSENTIAL DUTIES AND RESPONSIBILITIES
- Gathering, Reporting and Analyzing Information Security KPIs
- Advise on Risk Levels and Security Posture
- Developing and Managing Security Awareness and Training Campaigns
- Identify business processes requiring Information Security Integration
- Support the Design and Execution of Security Exercises
- Ensure Security Policies are aligned with other governing policies
- Provide subject matter expertise and full lifecycle management for installed security base.
- Participate in security projects from inception to implementation and provide post project support.
- Advise on projects delivering business solutions that impact information security risks and relevant compliance certifications.
- Help define the information security architectures of future initiatives.
- Help educate and provide end user awareness through targeted
- Proven ability in information security principles, latest industry awareness and current knowledge.
- Strong knowledge of NIST (800-53, CSF) and other information security frameworks.
- Strong knowledge of information security processes and tools.
- Experience developing successful Information Security awareness campaigns.
- Understanding of financial services regulatory environment
- Experience with formal risk management.
- Very good analytical skills, logical thinking, diagramming capability.
- Strong and confident interpersonal and customer service skills; ability to interface with personnel from various departments and levels, both technical and non-technical.
- Excellent organizational skills. Ability to prioritize multiple tasks and meet deadlines. Attention to detail and commitment to excellence.
- Experience working in an ITIL-focused support organization with incident/request tickets.
- Able to manage multiple priorities and work well under pressure.
- Ability to work flexible schedules including availability outside of normal working hours.
- Knowledge of data privacy regulations is a plus.
EDUCATION AND/OR EXPERIENCE
- Bachelor's degree in Information Technology, Computer Science or equivalent qualification in IT.
- Ideally, a minimum of 3-5 years of experience in a similar information security role.
- 1-2 years or more of experience gained in IT program or business analysis roles is highly relevant for this role.