Security Analyst
Job Title:
Security Analyst IV Location:
Charlotte, NCDescription:
Location:
Charlotte, NCTechnology Business Line Testing Job DescriptionThis role provides tests and evaluates the Technology processes, applications, and infrastructure across Ally and risk management practices. Individuals in this role are responsible for performing testing and monitoring to evaluate control implementation design and effectiveness of Technology, Cyber Security and Data processes, applications, and infrastructure. The role will work closely with multiple stakeholders including the Technology leaders and subject matter experts. BL Technology Risk professionals in this role build and manage relationships with subject matters and Technology partners. Partnership and collaboration with Enterprise Risk, Compliance, and Information Security teams is needed evaluate, report, and resolve (as needed) risk and controls.In this role, individuals are expected to:
Identify gaps in the operational effectiveness and compliance with Policies, Standards, regulatory requirements, and industry best practices.Develop and present reports and action plans to business partners and senior management resulting from testing.Evaluate Technology, Cyber Security, and Data Management processes and systems for opportunities to improve compliance with Internal Policies/Standard requirements, alignment to regulatory expectations, process improvement and risk management.Design, coordinate and oversee testing procedures to verify the security of systems, networks, and applications, and manage the remediation of risks.Identify process improvement opportunities and develop subsequent plans of action to resolve gaps with minimal management intervention.
Qualifications:
Completed at least an undergraduate degree in Information Systems, Information Technology, Cybersecurity, or Computer Science2-4 years of experience in assessing or testing Technology or Cybersecurity, Audit, Compliance, and/or Risk ManagementPerform testing for IT/IS controls which includes assessing the design and operating effectiveness of the control structure and compliance with internal Policies and Standards, as well as industry guidanceKnowledge and understanding of Technology and Cybersecurity industry frameworks and guidance (i.e., NIST, FFIEC, ISO 27001/27002)General understanding of fundamental technology and cyber security principles (e.g., Identity and Access Management, Vulnerability Management, Capacity Management, SDLC, Data Classifications, etc.)Ability to exercise judgement, make conclusions and influence a technology risk mindset with stakeholdersAbility to function in a matrix organization and cross-functional teamAbility to interact and influence personnel at all levels across the organization including associated to mid-level leadershipAttention to detail and maintain relevant risk industry knowledgeCritical thinking, problem solving and analytical skillsDemonstrated ability to effectively synthesize and communicate ideas and insights across the organization, including with executive leadershipDevelop and maintain strong working relationships with internal Technology, risk, compliance and audit partnersDocument test results and provide support for an informed, objective opinion of the risk exposureCommunicate testing results, observations, and recommendations verbally and in writingEngage directly with Business Line to understand business offerings, processes and proceduresWork effectively with peers and leaders while maintaining independence necessary to fulfill Technology review and testing responsibilitiesEscalate and report technology and operational risks concerns as necessaryProficient use of Microsoft Office products:
Word, Excel, PowerPoint, and SharePointIdentify emerging technology risks and lead the dialog among stakeholdersProficient written and verbal communicationMonitor and drive Information Technology s adherence to enterprise policiesReview management action plans to assess effectiveness of proposed remediation and appropriateness of the timelineStrong detail orientation with ability to research, compile, and report on dataUnderstanding of different types of systems (e.g., applications, servers, virtual servers, APIs, SaaS, Cloud computing) Recommended Skills Api Analytical Attention To Detail Auditing Business Process Improvement Capacity Management Apply to this job. Think you're the perfect candidate? Apply on company site $(document).ready( function() $(#ads-desktop-placeholder).html(
n
n
n Estimated Salary: $20 to $28 per hour based on qualifications.
Security Analyst IV Location:
Charlotte, NCDescription:
Location:
Charlotte, NCTechnology Business Line Testing Job DescriptionThis role provides tests and evaluates the Technology processes, applications, and infrastructure across Ally and risk management practices. Individuals in this role are responsible for performing testing and monitoring to evaluate control implementation design and effectiveness of Technology, Cyber Security and Data processes, applications, and infrastructure. The role will work closely with multiple stakeholders including the Technology leaders and subject matter experts. BL Technology Risk professionals in this role build and manage relationships with subject matters and Technology partners. Partnership and collaboration with Enterprise Risk, Compliance, and Information Security teams is needed evaluate, report, and resolve (as needed) risk and controls.In this role, individuals are expected to:
Identify gaps in the operational effectiveness and compliance with Policies, Standards, regulatory requirements, and industry best practices.Develop and present reports and action plans to business partners and senior management resulting from testing.Evaluate Technology, Cyber Security, and Data Management processes and systems for opportunities to improve compliance with Internal Policies/Standard requirements, alignment to regulatory expectations, process improvement and risk management.Design, coordinate and oversee testing procedures to verify the security of systems, networks, and applications, and manage the remediation of risks.Identify process improvement opportunities and develop subsequent plans of action to resolve gaps with minimal management intervention.
Qualifications:
Completed at least an undergraduate degree in Information Systems, Information Technology, Cybersecurity, or Computer Science2-4 years of experience in assessing or testing Technology or Cybersecurity, Audit, Compliance, and/or Risk ManagementPerform testing for IT/IS controls which includes assessing the design and operating effectiveness of the control structure and compliance with internal Policies and Standards, as well as industry guidanceKnowledge and understanding of Technology and Cybersecurity industry frameworks and guidance (i.e., NIST, FFIEC, ISO 27001/27002)General understanding of fundamental technology and cyber security principles (e.g., Identity and Access Management, Vulnerability Management, Capacity Management, SDLC, Data Classifications, etc.)Ability to exercise judgement, make conclusions and influence a technology risk mindset with stakeholdersAbility to function in a matrix organization and cross-functional teamAbility to interact and influence personnel at all levels across the organization including associated to mid-level leadershipAttention to detail and maintain relevant risk industry knowledgeCritical thinking, problem solving and analytical skillsDemonstrated ability to effectively synthesize and communicate ideas and insights across the organization, including with executive leadershipDevelop and maintain strong working relationships with internal Technology, risk, compliance and audit partnersDocument test results and provide support for an informed, objective opinion of the risk exposureCommunicate testing results, observations, and recommendations verbally and in writingEngage directly with Business Line to understand business offerings, processes and proceduresWork effectively with peers and leaders while maintaining independence necessary to fulfill Technology review and testing responsibilitiesEscalate and report technology and operational risks concerns as necessaryProficient use of Microsoft Office products:
Word, Excel, PowerPoint, and SharePointIdentify emerging technology risks and lead the dialog among stakeholdersProficient written and verbal communicationMonitor and drive Information Technology s adherence to enterprise policiesReview management action plans to assess effectiveness of proposed remediation and appropriateness of the timelineStrong detail orientation with ability to research, compile, and report on dataUnderstanding of different types of systems (e.g., applications, servers, virtual servers, APIs, SaaS, Cloud computing) Recommended Skills Api Analytical Attention To Detail Auditing Business Process Improvement Capacity Management Apply to this job. Think you're the perfect candidate? Apply on company site $(document).ready( function() $(#ads-desktop-placeholder).html(
n
n
n Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
