Security Analyst

About The Position

Requirements

• A bachelor's degree and 2 years of regulatory compliance or similar experience in payments or consumer finance, or similar combination of education and experience are preferred.
• Working knowledge in risk management, audits (SOC 1, SOC 2, PCI DSS) and information security best practices.
• Basic understanding of regulatory compliance and information security frameworks such as GDPR, CCPA, NIST, CIS Controls, etc.
• Experience in dealing with internal / external resources across a variety of departments and office hierarchies
• Self-driven and high attention to detail
• Fantastic written and verbal communication skills
• Ability to operate in and maintain a fast pace and cadence
• Authorized to work lawfully in the United States of America

Responsibilities

• Support audit and compliance activities by gathering evidence, conducting preliminary assessments, and assisting in the remediation of audit findings.
• Maintain and monitor a central repository of audit evidence
• Conduct gap analysis on various industry standard compliance and regulatory requirements
• Track, update, and draft clear, concise policies, standards and procedures
• Maintain an up-to-date risk register and track remediation status
• Collaborate with various departments on GRC related objectives
• Track and ensure compliance with IT and security controls covering a wide range of regulations
• Follow up with team members driving progress on tracked issues
• Develop and contribute to metrics and KPIs for CISO and executive management review
• Review, update, and test governance plans such as the BCP, IRP and DR plans
• Assist in the Development and delivery of security awareness and training programs to educate employees on security policies, procedures, and best practices