Information Security Analyst III (Security Process Assurance & Regulatory Compliance)

Navy Federal Credit UnionPensacola, FL
411d
Match Resume

About The Position

The Information Security Analyst will be responsible for managing information security risks, conducting security control assessments, and ensuring compliance with various regulatory frameworks. This role requires expertise in interpreting security controls and advising on mitigation strategies against contemporary cybersecurity threats. The analyst will work across the enterprise to align security standards with business objectives and support secure design and development of organizational systems.

Requirements

  • Bachelor's Degree in a related field or equivalent experience.
  • 5+ years of experience in computer and information security assessment and management.
  • 5+ years of experience in evaluating security risks and controls in business processes.
  • 3+ years of experience assessing security risks at third-party suppliers.
  • Comprehensive knowledge of information security best practices and regulations.
  • Knowledge of NCUA, FFIEC, GLBA, NIST, and other security frameworks.
  • Formal project management experience with strong organizational skills.
  • Strong research, analytical, and problem-solving skills.
  • Highly developed communication skills for presenting findings and influencing decisions.
  • Excellent writing skills for drafting executive-level documents.
  • Holds or expects to obtain relevant professional certifications (CRISC, CISSP, CISA, etc.).

Nice To Haves

  • Experience in the financial services field.
  • Experience with security systems and assessment tools.

Responsibilities

  • Analyze and evaluate existing information security programs and procedures to protect corporate information systems assets.
  • Offer expertise in interpretation of security controls and risk to business units and leadership.
  • Analyze and write control assessment results, communicating findings to facilitate remediation.
  • Understand and execute the NIST Cyber Security Framework and other regulatory standards.
  • Conduct comprehensive security control assessments of systems and assets.
  • Write guidelines for stakeholders regarding enterprise framework and control assessments.
  • Document issues and track remediation plans with business units.
  • Run compliance reports from the GRC tool for executives and stakeholders.
  • Write and update security standards, identifying gaps and changes as needed.
  • Perform risk assessments of business processes, systems, and applications.
  • Evaluate the design and effectiveness of IT and security controls.
  • Assess new and existing vendors' IT environments for security compliance.
  • Communicate with internal personnel and vendors regarding security assessments.
  • Assist in educating staff on information security requirements.

Benefits

  • Highly competitive pay
  • Generous benefits and perks
  • Recognition as a top employer in various categories
  • Hybrid workplace options

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Industry

Credit Intermediation and Related Activities

Education Level

Bachelor's degree

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service