|Location||Mount Laurel, NJ|
|Date Posted||August 11, 2018|
IT Security Analyst- Risk Reporting/ Data Analytics
Duration: 6 + month contract, possible conversion
Location: Mount Laurel NJ, partial remote
# of Openings: 2
Reason for request/why opened: Expanded work needs, new projects on the go
% Interaction with Stakeholders: 50%
Team Size: ~20 people between Toronto/US
Personality Style/Team Culture: Very collaborative, very virtualized; telepresence is major with this team
Selling Points of Position:
Very strategic project, a lot of senior leadership visibility; managing cyber security risks; performing a major uplift/overhaul of their cyber security practices; introducing a lot of cutting edge technologies as to how to measure risk; remote work is a possibility.
Best Vs Average Candidate:
This is not simply an auditing role within security; focus is on technology risk reporting, metrics development (KPI development); performing data analytics and using Tableau. Experience with Sharepoint, Tableau will be best; best candidate will have experience with business process design; business process improvement; will have CISSP or CRISC.
How will performance be measured:
1 on 1 feedback
This company has commenced a project to take our Technology Risk Reporting to the next level. This includes updates to the people, process, and technology that supports our existing Technology Risk Reporting process. We are looking for talented individuals that have a strong background in data analytics, Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs), and business process design and improvement.
About This Role
We are looking for someone to support our Technology Risk and Reporting Oversight team by contributing to Technology Risk Reporting Process Design & Metric Release Management. Here's some of what you may be asked to perform:
- • Defining requirements for the Technology Risk Reporting metric and data layer
- • Analyzing source data and facilitating Technology KRI and metric design
- • Managing and refining business rules and thresholds for Technology KRs
- • Facilitate the change management and communication process for technology risk reporting and metrics
- Experience with Key Risk Indicators and Technology Risk reporting
- Must be proficient with technology tools including MS Office, databases and reporting tools, including Tableau.
- Experience with SharePoint and InfoPath
- Information Security Certification / Accreditation an asset.
- Experience in a highly regulated environment, specific experience with FFIEC, OSFI, PCI-DSS, SOX.
- Competencies in technology controls, emerging threats, information security and cybersecurity.
- Comfortable communicating at all levels of the organization, strong presentation skills a must.
- Information Security or technology risk and controls background, Big Four experience a plus.
- Ability to manage multiple efforts simultaneously, strong project management, reporting, and organizational skills.
- CISSP, CISA, CRISC certifications a plus.
- Expert knowledge of IT security and risk disciplines and practices.
- Knowledge of organization, technology controls, security and risk issues.
- Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
1.) Information Security or technology risk and controls background – 7+ years
2.) Data Analytics Experience – 5+ years
3.) MS Office for data analytics and reporting – 5+ years
4.) Tableau for data analytics and reporting – 2+ years
5.) Sharepoint experience – 5+ years
6.) InfoPath experience – 5+
7.) Experience with Key Risk Indicators and Technology Risk reporting – 5+ years
8.) Experience developing Key Risk Indicators (KRIs) or infosecurity metrics
9.) Experience with FFIEC, OSFI, PCI-DSS, SOX security frameworks – 5+ years
10.) Business process improvement experience - 2+ years
11.) Excellent Communication skills
NICE TO HAVE:
1.) Previous Banking/Financial Industry experience
2.) CISSP or CRISC certification ***
3.) Experience facilitating the change management and communication process for technology risk reporting and metrics