Information Security Risk Analyst
4.
0 Honolulu, HI Honolulu, HI Estimated:
$67.
5K - $85.
5K a year Estimated:
$67.
5K - $85.
5K a year Primary Purpose of Job Supports the company's information security program to ensure that policies, procedures, standards and practices are in place to adequately identify, assess, mitigate, manage, monitor and report on key information security risks.
Major Job Accountabilities Works with IT and internal operations to ensure the safeguarding of all confidential, proprietary, privileged, and protected information assets, including customer data.
Monitors essential processes to ensure compliance with policies, standards, practices and guidelines.
Assists with information security compliance with applicable laws and regulations, regulatory requirements and Bank policies and procedures, including but not limited to GLBA, FACTA, PCI DSS, Anti-Money Laundering laws and regulations, Bank Secrecy Act and USA PATRIOT Act.
Develops and performs information security and vulnerability assessments, testing on applications, systems, and infrastructure to ensure appropriate protection of sensitive customer and company information; performs risk analysis and recommends remediation for deficiencies.
Tracks and reassesses remediation(s) to ensure compliance with policies and operational standards.
Performs Information Security risk management activities including information security risk assessments, vendor reviews, and monitors the remediation of identified gaps and issues.
Develops reporting and measurements of program effectiveness and provides analysis.
Ensures technical enforcement of internal security policies to maintain the integrity of the networks, systems and applications utilized throughout the organization, including functionality of user access controls.
Develops and conducts bank-wide/departmental information security training.
Maintains current knowledge of evolving information security risks, particularly cyber security, new and evolving trends with mitigation tools and changes to security regulations affecting financial institutions.
Recommends, maintains, develops, and revises all information security governance documentation.
Builds and matures a culture focused on the proactive awareness and improvement of the risk environment.
May occasionally work evening/night hours as needed to address critical situations.
Experience Required Four (4) years of direct work experience in developing information security programs and assessing effectiveness of such programs, preferably within a financial services organization.
Four (4) years of experience with risk management frameworks and concepts.
Four (4) years of working knowledge of security frameworks and general areas of Information Security.
Required Skills or Training Verified self-motivated learner bringing a sense of enthusiasm to a hands-on working environment.
Knowledge of risk management concepts with a background in financial, regulatory, information security, and/or enterprise risk management.
Proven critical thinker with the ability to research, assess, and communicate IT risks and develop, recommend, and monitor corresponding controls.
Verified ability to build and maintain relationships across diverse technical and non-technical teams.
Proven excellent interpersonal, verbal, and writing skills to effectively communicate to a diverse audience.
Proven acute analytical skills, including the ability to consolidate broad data sets from multiple sources, both internal and external, to identify patterns and/or risk factors.
Verified knowledge and experience with a broad range of Security Frameworks and standards such as PCI, NIST, ISO 2700 series, etc.
Knowledge of the SOX, Federal Financial Institutions Examination Council (FFIEC) and section 501(b) of the Gramm-Leach-Bliley Act.
Ability to independently apply risk management concepts in various and novel situations to accurately identify, assess, and conclude on risks, while also determining alternatives or designing mitigating controls/activities.
Knowledge and experience with networking, operating systems, platforms, client/server, web applications, and general information security technologies is a plus.
Knowledge and experience with General IT Controls (GITCs) and maturity models from various frameworks (SOX, FFIEC, CIS, etc.
) is a plus.
EOE, including disability/veterans At American Savings Bank, we welcome and support all individuals and celebrate the diversity of our team members, customers and community.
We are committed to ensuring that our online application process is accessible and provides an equal employment opportunity to all job seekers.
If you need assistance searching for a job or submitting an application, please contact us by calling 808-538-2000 and a member of our Recruitment team will follow up with you.
Mahalo for your interest in American Savings Bank!.
Estimated Salary: $20 to $28 per hour based on qualifications.
0 Honolulu, HI Honolulu, HI Estimated:
$67.
5K - $85.
5K a year Estimated:
$67.
5K - $85.
5K a year Primary Purpose of Job Supports the company's information security program to ensure that policies, procedures, standards and practices are in place to adequately identify, assess, mitigate, manage, monitor and report on key information security risks.
Major Job Accountabilities Works with IT and internal operations to ensure the safeguarding of all confidential, proprietary, privileged, and protected information assets, including customer data.
Monitors essential processes to ensure compliance with policies, standards, practices and guidelines.
Assists with information security compliance with applicable laws and regulations, regulatory requirements and Bank policies and procedures, including but not limited to GLBA, FACTA, PCI DSS, Anti-Money Laundering laws and regulations, Bank Secrecy Act and USA PATRIOT Act.
Develops and performs information security and vulnerability assessments, testing on applications, systems, and infrastructure to ensure appropriate protection of sensitive customer and company information; performs risk analysis and recommends remediation for deficiencies.
Tracks and reassesses remediation(s) to ensure compliance with policies and operational standards.
Performs Information Security risk management activities including information security risk assessments, vendor reviews, and monitors the remediation of identified gaps and issues.
Develops reporting and measurements of program effectiveness and provides analysis.
Ensures technical enforcement of internal security policies to maintain the integrity of the networks, systems and applications utilized throughout the organization, including functionality of user access controls.
Develops and conducts bank-wide/departmental information security training.
Maintains current knowledge of evolving information security risks, particularly cyber security, new and evolving trends with mitigation tools and changes to security regulations affecting financial institutions.
Recommends, maintains, develops, and revises all information security governance documentation.
Builds and matures a culture focused on the proactive awareness and improvement of the risk environment.
May occasionally work evening/night hours as needed to address critical situations.
Experience Required Four (4) years of direct work experience in developing information security programs and assessing effectiveness of such programs, preferably within a financial services organization.
Four (4) years of experience with risk management frameworks and concepts.
Four (4) years of working knowledge of security frameworks and general areas of Information Security.
Required Skills or Training Verified self-motivated learner bringing a sense of enthusiasm to a hands-on working environment.
Knowledge of risk management concepts with a background in financial, regulatory, information security, and/or enterprise risk management.
Proven critical thinker with the ability to research, assess, and communicate IT risks and develop, recommend, and monitor corresponding controls.
Verified ability to build and maintain relationships across diverse technical and non-technical teams.
Proven excellent interpersonal, verbal, and writing skills to effectively communicate to a diverse audience.
Proven acute analytical skills, including the ability to consolidate broad data sets from multiple sources, both internal and external, to identify patterns and/or risk factors.
Verified knowledge and experience with a broad range of Security Frameworks and standards such as PCI, NIST, ISO 2700 series, etc.
Knowledge of the SOX, Federal Financial Institutions Examination Council (FFIEC) and section 501(b) of the Gramm-Leach-Bliley Act.
Ability to independently apply risk management concepts in various and novel situations to accurately identify, assess, and conclude on risks, while also determining alternatives or designing mitigating controls/activities.
Knowledge and experience with networking, operating systems, platforms, client/server, web applications, and general information security technologies is a plus.
Knowledge and experience with General IT Controls (GITCs) and maturity models from various frameworks (SOX, FFIEC, CIS, etc.
) is a plus.
EOE, including disability/veterans At American Savings Bank, we welcome and support all individuals and celebrate the diversity of our team members, customers and community.
We are committed to ensuring that our online application process is accessible and provides an equal employment opportunity to all job seekers.
If you need assistance searching for a job or submitting an application, please contact us by calling 808-538-2000 and a member of our Recruitment team will follow up with you.
Mahalo for your interest in American Savings Bank!.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
