Logix Federal Credit Union
Info Sec Governance Risk and Compliance Analyst SR
Logix Federal Credit Union, Santa Clarita, California, United States, 91382
Info Sec Governance Risk and Compliance Analyst SR
Location
US-CA-Valencia (HQ)
ID
2024-1189
Category
Technology
Position Type
Full-Time
Remote
No
Overview
The
Info Sec Governance Risk and Compliance Analyst SR
will lead the development and implementation of the InfoSec Governance, Risk & Compliance (GRC) programs. Lead the coordination of security compliance efforts, risk assessment and mitigation, third party risk management, and overall security policy governance.
Responsibilities
Lead the strategic design and execution of a comprehensive security risk and compliance program for the organization.
Develop, review, communicate and maintain Information Security policies, standards and procedures that support security best practices. Serves as a subject matter expert for information security and compliance policies and procedures.Provide leadership and direction for the ongoing monitoring of the organization's security posture and identify potential risks, threats and vulnerabilities.Lead ongoing third-party due diligence, risk tracking and monitoring, and coordinate efforts to address security concerns or requirements.Lead interactions with external auditors to ensure compliance with industry regulatory requirements and standard.Perform regular risk assessments to address security threats, changes to systems and/or applications, process improvement initiatives, third-party provider assessments and other related business needs.Coordinate remediation efforts to mitigate internal/external information technology and security related audit findings.Maintain accurate reporting of mitigation and remediation activities to bring appropriate visibility to stakeholders and leadership.Prepare and present executive-level reports regarding the organization's security and compliance status.Lead and facilitate the enterprise security awareness program, including development of custom materials when needed.Develop reporting metrics, dashboards and evidence of risk management and compliance activities.Stay updated on the latest security trends, emerging threats and best practices to continuously improve the overall security posture.Provide leadership and mentoring for a team of GRC analysts.Carries out other responsibilities as assigned by their manager
Qualifications
EducationEducation Level:Minimum: 4 Year / Bachelors DegreePreferred: Graduate DegreeDescription:Minimum: Bachelor's degree in computer science, Information Systems, Information Security/Assurance, or related field.Preferred: Master's degree in computer science, Information Systems, Information Security/Assurance, or related field.Preferred: Professional certifications in Information Security, Risk Management and/or Compliance (such as CISA, CGEIT, CISM, CRISC, CISSP, CRISC etc.) preferred.ExperienceMinimum Years of Experience: 8Preferred Years of Experience: 10Comments: Minimum of 8 years of relevant experience in Information Security Compliance, Technology Risk Management and/or AuditingKnowledge, Skills & AbilityExcellent knowledge of regulatory rules, standards and best practices that govern informationsecurity in the financial services industry, such as FFIEC/NCUA.Excellent knowledge and extensive experience with facilitating information security and riskmanagement standards, practices, methods, frameworks including NIST, PCI, ISO 27001, FAIR,OCTAVE etc.Prior experience with developing security policies, standards, and controls definition acrossmultiple security compliance frameworksPrevious management consulting experience, preferred.Strong interpersonal skills and ability to effectively communicate, both written and verbally, with abroad range of stakeholdersExcellent presentation, facilitation, executive reporting, and communication skillsLogix Federal Credit Union is an equal opportunity employer that does not discriminate in employment opportunities or practices on the basis of race, religion, color, sex, sexual orientation, gender identity, national origin, protected veteran or disability status, or any other status protected by law.
Pay Range
USD $107,712.94 - USD $166,955.06 /Yr.
#J-18808-Ljbffr
Location
US-CA-Valencia (HQ)
ID
2024-1189
Category
Technology
Position Type
Full-Time
Remote
No
Overview
The
Info Sec Governance Risk and Compliance Analyst SR
will lead the development and implementation of the InfoSec Governance, Risk & Compliance (GRC) programs. Lead the coordination of security compliance efforts, risk assessment and mitigation, third party risk management, and overall security policy governance.
Responsibilities
Lead the strategic design and execution of a comprehensive security risk and compliance program for the organization.
Develop, review, communicate and maintain Information Security policies, standards and procedures that support security best practices. Serves as a subject matter expert for information security and compliance policies and procedures.Provide leadership and direction for the ongoing monitoring of the organization's security posture and identify potential risks, threats and vulnerabilities.Lead ongoing third-party due diligence, risk tracking and monitoring, and coordinate efforts to address security concerns or requirements.Lead interactions with external auditors to ensure compliance with industry regulatory requirements and standard.Perform regular risk assessments to address security threats, changes to systems and/or applications, process improvement initiatives, third-party provider assessments and other related business needs.Coordinate remediation efforts to mitigate internal/external information technology and security related audit findings.Maintain accurate reporting of mitigation and remediation activities to bring appropriate visibility to stakeholders and leadership.Prepare and present executive-level reports regarding the organization's security and compliance status.Lead and facilitate the enterprise security awareness program, including development of custom materials when needed.Develop reporting metrics, dashboards and evidence of risk management and compliance activities.Stay updated on the latest security trends, emerging threats and best practices to continuously improve the overall security posture.Provide leadership and mentoring for a team of GRC analysts.Carries out other responsibilities as assigned by their manager
Qualifications
EducationEducation Level:Minimum: 4 Year / Bachelors DegreePreferred: Graduate DegreeDescription:Minimum: Bachelor's degree in computer science, Information Systems, Information Security/Assurance, or related field.Preferred: Master's degree in computer science, Information Systems, Information Security/Assurance, or related field.Preferred: Professional certifications in Information Security, Risk Management and/or Compliance (such as CISA, CGEIT, CISM, CRISC, CISSP, CRISC etc.) preferred.ExperienceMinimum Years of Experience: 8Preferred Years of Experience: 10Comments: Minimum of 8 years of relevant experience in Information Security Compliance, Technology Risk Management and/or AuditingKnowledge, Skills & AbilityExcellent knowledge of regulatory rules, standards and best practices that govern informationsecurity in the financial services industry, such as FFIEC/NCUA.Excellent knowledge and extensive experience with facilitating information security and riskmanagement standards, practices, methods, frameworks including NIST, PCI, ISO 27001, FAIR,OCTAVE etc.Prior experience with developing security policies, standards, and controls definition acrossmultiple security compliance frameworksPrevious management consulting experience, preferred.Strong interpersonal skills and ability to effectively communicate, both written and verbally, with abroad range of stakeholdersExcellent presentation, facilitation, executive reporting, and communication skillsLogix Federal Credit Union is an equal opportunity employer that does not discriminate in employment opportunities or practices on the basis of race, religion, color, sex, sexual orientation, gender identity, national origin, protected veteran or disability status, or any other status protected by law.
Pay Range
USD $107,712.94 - USD $166,955.06 /Yr.
#J-18808-Ljbffr