Security Analyst IV

Job Title : Security Analyst IV
Duration : 08 Months
Work Location :Charlotte 601 S. Tryon Street (601 S. Tryon Street Charlotte NC 28202) / Mandatory onsite in Charlotte for Hybrid model 3 days a week
Interview : ** Video conference interview.


Must Have :
**BL Tech Risk Security Analyst **Exceptional written and verbal communication skills. Ability to interact across multiple organizations and levels and escalate when roadblocks are identified; **Several years of experience in Quality Assurance/Quality Control IT Risk Management or Information Security; **Knowledge and experience in performing assessments aligned with regulatory standards. ** Financial Services experience; **Must have excellent communication skills able to work with and influence senior stakeholders selfmotivated independent worker who will take initiative and work well collaboratively

Job Description

Location: Charlotte NC

Technology Business Line Testing Job Description

This role provides tests and evaluates the Technology processes applications and infrastructure across client and risk management practices. Individuals in this role are responsible for performing testing and monitoring to evaluate control implementation design and effectiveness of Technology Cyber Security and Data processes applications and infrastructure. The role will work closely with multiple stakeholders including the Technology leaders and subject matter experts. BL Technology Risk professionals in this role build and manage relationships with subject matters and Technology partners. Partnership and collaboration with Enterprise Risk Compliance and Information Security teams is needed evaluate report and resolve (as needed) risk and controls.

In this role individuals are expected to:

• Identify gaps in the operational effectiveness and compliance with Policies Standards regulatory requirements and industry best practices.
• Develop and present reports and action plans to business partners and senior management resulting from testing.
• Evaluate Technology Cyber Security and Data Management processes and systems for opportunities to improve compliance with Internal Policies/Standard requirements alignment to regulatory expectations process improvement and risk management.
• Design coordinate and oversee testing procedures to verify the security of systems networks and applications and manage the remediation of risks.
• Identify process improvement opportunities and develop subsequent plans of action to resolve gaps with minimal management intervention.

Qualifications:

• Completed at least an undergraduate degree in Information Systems Information Technology Cybersecurity or Computer Science
• 24 years of experience in assessing or testing Technology or Cybersecurity Audit Compliance and/or Risk Management
• Perform testing for IT/IS controls which includes assessing the design and operating effectiveness of the control structure and compliance with internal Policies and Standards as well as industry guidance
• Knowledge and understanding of Technology and Cybersecurity industry frameworks and guidance (i.e. NIST FFIEC ISO 27001/27002)
• General understanding of fundamental technology and cyber security principles (e.g. Identity and Access Management Vulnerability Management Capacity Management SDLC Data Classifications etc.)
• Ability to exercise judgement make conclusions and influence a technology risk mindset with stakeholders
• Ability to function in a matrix organization and crossfunctional team
• Ability to interact and influence personnel at all levels across the organization including associated to midlevel leadership
• Attention to detail and maintain relevant risk industry knowledge
• Critical thinking problem solving and analytical skills
• Demonstrated ability to effectively synthesize and communicate ideas and insights across the organization including with executive leadership
• Develop and maintain strong working relationships with internal Technology risk compliance and audit partners
• Document test results and provide support for an informed objective opinion of the risk exposure
• Communicate testing results observations and recommendations verbally and in writing
• Engage directly with Business Line to understand business offerings processes and procedures
• Work effectively with peers and leaders while maintaining independence necessary to fulfill Technology review and testing responsibilities
• Escalate and report technology and operational risks concerns as necessary
• Proficient use of Microsoft Office products: Word Excel PowerPoint and SharePoint
• Identify emerging technology risks and lead the dialog among stakeholders
• Proficient written and verbal communication
• Monitor and drive Information Technologys adherence to enterprise policies
• Review management action plans to assess effectiveness of proposed remediation and appropriateness of the timeline
• Strong detail orientation with ability to research compile and report on data
• Understanding of different types of systems (e.g. applications servers virtual servers APIs SaaS Cloud computing)