JobsEQ by Chmura Logo

Cybersecurity Governance Analyst

DTCC
Location: Tampa, FL, 33601
Type: Full-Time, Non-Remote
Posted on: April 26, 2021
This job is no longer available from the source.
Job Description
*Visa sponsorship is not available for this position*
Are you ready to explore a world of possibilities?
Join our DTCC family, and you’ll grow your expertise and become the best version of you. As you embark on a new journey, you’ll tackle challenges with flexibility and grace, learning new skills and advancing your career while having the time of your life
The Team
The Cybersecurity Services organization within Information Technology is focused on protecting DTCC from cybersecurity risks through world class cyber security architecture, engineering and governance practices. The Cybersecurity Governance & Analytics team is responsible to establish and maintain a Center of Excellence (CoE) for governance activities, including internal and external audit preparedness, security analytics and reporting.
Why you'll love this job
This position will be responsible for cybersecurity governance activities by managing the overall security risk for the organization, enhancing and driving existing best practices and standards, identifying gaps in security processes and technology, and providing senior management reporting and measurable plans to ensure adherence. The Governance, Risk and Compliance (GRC) associate will help manage cybersecurity threat mitigation activities through development and management of key outcome-based cybersecurity metrics (KPIs/KRIs) and associated reporting. Principal responsibilities will focus on leading efforts related to audits, Issue Management lifecycle, and security posture reporting across the businesses.
What You'll Do
Manages all cybersecurity governance CoE processes and builds success measures for security analysts in Agile Squads to adhere to the governance framework
Proactively drives preparation exercises and identification of security issues, prior to scheduled audits, and assists in providing evidences to internal and external auditor inquiries
Drives and confirms the sustainability posture of security issues by validating the action plan evidence and performing sample testing to ensure continuous cybersecurity controls
Serves as compliance and regulatory liaison for the domain, and as governance CoE key point of contact for Agile squads
Identifies and implement improvements to existing security metrics to enable outcome-based metrics
Drives security awareness trainings and communications
Drives maturity of security approach by proactively identifying meaningful issues and control gaps in current processes; influencing behavior change within the organization and contributing to the building a stronger security-focused culture
Maintains professional and technical process knowledge by keeping abreast of the changing security landscape within the technology industry and changes in cybersecurity frameworks
Aligns risk and control processes into day to day responsibilities to monitor and mitigate risk; raises appropriately
*Note: Responsibilities of this role are not limited to the details above*
Your talents needed for success
Candidate must have experience in supporting Information Security governance function with proficiency in information security domains, including but not limited to Identity and Access management, Certificate Management, Network Security, Vulnerability Management and Data Protection.
Prior experience in IT Security or, Governance, Risk and Compliance roles
Strong Cybersecurity experience across one or multiple domains (i.e. Identity Access Management, Vulnerability Management)
Experience in reading network security designs and understand network fundamentals
Experience in evaluating technology and security controls against the IS Policies and control standards
Experience with analytics and reporting desired
Qualifications
Minimum of 5 years of related experience
Bachelor's degree preferred with Masters, or equivalent experience
Candidate must have experience in supporting Information Security governance function with proficiency in information security domains, including but not limited to Identity and Access management, Certificate Management, Network Security, Vulnerability Management and Data Protection. Prior experience in IT Security or, Governance, Risk and Compliance roles Strong Cybersecurity experience across one or multiple domains (i.e. Identity Access Management, Vulnerability Management) Experience in reading network security designs and understand network fundamentals Experience in evaluating technology and security controls against the IS Policies and control standards Experience with analytics and reporting desired, Minimum of 5 years of related experience Bachelor's degree preferred with Masters, or equivalent experience At least 5 years experience. Employment Type: Full-Time