Logo
Raymond James Financial, Inc.

IT Business Information Security Lead

Raymond James Financial, Inc., St. Petersburg, Florida, United States, 33739


IT Business Information Security Lead

-

2403226

DescriptionThis position will follow our hybrid work model, we expect the selected candidate to be in office 2-3 days a week at the following Corporate Office location: St. Petersburg, FL

Job Summary:The Business Information Security Leader (BISL) liaises with our business units (Operations, HR, Finance, Legal, and Technology) and serves as the primary point of contact between Information Security and our corporate business units. The BISL assists in enabling business strategies, while balancing the security risk and ensuring security is aligned with business strategies. Interacts with all levels of leadership in the firm to accelerate solutions through better communication and alignment. The key to success is the ability to influence senior business leaders about the need to embrace security initiatives.

Essential Duties and Responsibilities:

Articulates the security perspective to the business and helps them understand the potential impact and possible controls in business terms.

Communicates business knowledge and requirements to the Information Security organization thus ensuring security is aligned with business strategy and need.

Counsels business units in understanding regulatory information security compliance requirements and helps ensure compliance.

Represents the business unit in development of policies and standards.

Act as primary point of contact for all IT internal audits, participates in scoping, deliverable requests and collaborates with senior leadership to clear audit reports and ensure action plans are complete and effective.

Ensures IT owners are held accountable for their controls and understand responsibilities as to risk mitigation and remediation as well as compliance to security policy and standards to reduce liabilities.

Understands and reports on the overall information security risk posture of the business unit, and provides an enterprise view of vulnerabilities and associated risks to both the business and information security.

Focuses on process improvement to manage risk, proactively prevent problems and identify opportunities for efficiencies and automation.

Investigates security incidents for the business and works with Information Security teams to recommend/implement appropriate corrective actions.

Understands, tests and implements security plans, products, strategies and control techniques.

May lead or participate in security related projects and strategy.

Performs other duties and responsibilities as assigned.

Qualifications

Education/Previous Experience:• TYPICALLY requires a Bachelor's degree; 3-5 years of relevant experience. May have one or more technical or business-related certifications. • Minimum of a Bachelor’s degree in Computer Science, MIS or related degree and three (3) years of relevant experience in auditing or risk assessing or combination of education, training and experience.Highly preferred:

Bachelor’s degree in Computer Science, MIS or related degree and seven (7) years of relevant experience in Information Security, risk management and audit or an equivalent combination of education, training and experience.

Financial services experience highly preferred.

Knowledge/Experience in the following:

Information Security programs including, but not limited to, audit reviews, risk assessment, awareness and training, identity and access management, data protections, secure SDLC, incident management, vulnerability assessment, penetration testing, third-party assessment, secure configurations and patch management.

Advanced knowledge of infrastructure and logical security technology with experience working with ITIL, ISO 17799 and/or CoBit processes and procedures.

Translating business drivers and priorities into security design.

Knowledge of government and other regulations related to Information Security (e.g., GLBA, SOXA 404, FFIEC, PCI, Privacy, HIPAA, etc.).

Technical skills and proficiency in a wide array of platforms and systems (e.g., Windows, UNIX, SQL, Tandem).

Licenses/Certifications:

Security and control certifications highly preferred (CISSP, CISM, CISA, CRISC).

Raymond James Guiding BehaviorsAt Raymond James our associates use five guiding behaviors (Develop, Collaborate, Decide, Deliver, Improve) to deliver on the firm's core values of client-first, integrity, independence and a conservative, long-term view.

We expect our associates at all levels to:

Grow professionally and inspire others to do the same

Work with and through others to achieve desired outcomes

Make prompt, pragmatic choices and act with the client in mind

Take ownership and hold themselves and others accountable for delivering results that matter

Contribute to the continuous evolution of the firm

At Raymond James – as part of our people-first culture, we honor, value, and respect the uniqueness, experiences, and backgrounds of all of our Associates. When associates bring their best authentic selves, our organization, clients, and communities thrive. The Company is an equal opportunity employer and makes all employment decisions on the basis of merit and business needs.

Job

Technology

Primary Location

US-FL-St. Petersburg-Saint Petersburg

Organization

Technology

Schedule

Full-time

Shift

Day Job

Travel

No

#J-18808-Ljbffr