Risk & Compliance Analyst

About The Position

Requirements

• Bachelor’s degree in Information Security, Information Assurance, or a related field, or equivalent work experience
• Previous banking experience preferred but not required
• Project management skills preferred but not required
• Experience in Microsoft Office Suite and Visio
• Analytical/attention to detail
• Excellent problem-solving skills and the ability to work both independently and as part of a team.
• Strong communication skills, with the ability to convey complex security concepts to non-technical stakeholders.

Nice To Haves

• Familiarity with regulatory compliance
• Experience with hybrid cloud environments
• Understanding of NIST frameworks (NIST 800-53, NIST CSF)
• Understanding of regulatory compliance such as GLBA, PCI, and HIPAA

Responsibilities

• Asset Management: Maintain an inventory of organizational information assets. Maintain workflow/process diagrams for all critical bank functions.
• Business Continuity: Maintain business continuity plans to ensure organizational resilience. Facilitate periodic disaster recovery testing.
• Risk Assessment Management: Conduct risk assessments to assist in managing risk mitigation strategies to protect organizational assets.
• Policy Management: Manage review process of all security policies, standards, and procedures in line with industry standards
• Change Management: Monitor change management processes to ensure that security impacts are assessed and managed.
• Operational Security Monitoring: Continuously monitor security operations to identify and address potential threats and verify effective controls operation.
• Identity and Access: Management: Manage identity and access controls to safeguard sensitive information. Conduct User Access Reviews periodically to ensure compliance with Role Based Access Controls.
• Audit Operations: Participate: in external audits, ensuring compliance with regulatory requirements.
• Audit Remediation: Implement: and track remediation efforts for audit findings to ensure compliance and security.
• Third-Party Management: Assess and manage third-party vendors to ensure they meet security requirements.
• Security Awareness Training: Deliver security awareness training programs to educate employees on best practices.
• Framework and Regulatory: Compliance Management: Ensure compliance with key frameworks including NIST 800-53, NIST CSF, and regulatory compliance such as GLBA, PCI, and HIPAA.
• Management Reporting: Assist in preparation of monthly management reports
• Perform other duties as assigned.

Benefits

• INB provides health, dental, vision, and life insurance benefits to all full-time employees. Coverage is also extended to their eligible dependents. Active employees make premium contributions based on plan selections.