-
Our Services
- Agile Services Unlock Agile excellence with our expert coaching.
- Business Consulting Drive business success through tailored expertise.
- Data & Analytics Harness the power of data for greater business value.
- IT Services Elevate your IT capabilities with our comprehensive solutions.
- Talent Solutions Find the perfect fit for your team through top-tier talent placement.
- Our Clients
- Careers
- Resources
- About Us
Information Security Analyst
- Job Title
- Information Security Analyst
- Job ID
- 27526840
- Location
- Vienna, VA 22180
- Other Location
- Description
-
Are you looking for the next exciting project opportunity with a great company? Our professional recruiting staff at CC Pace is here to support you in every step of the process! We have been in business for nearly four decades and have deep roots in the Washington DC metro area. Our direct client relationships with companies in a variety of industries and sizes help us to find the right opportunity for our candidates.
We offer competitive rates, healthcare & dental, 401k, FSA, LTD, lots of voluntary benefits, and tons of discount perks. Our team is standing by, ready to help you get started today!
• Must be authorized to work in the US.
Experience in Framework implementation, risk management, security control interpretation, control assessments, standards, and enterprise Governance, Risk and Compliance (GRC) tool operations (i.e. ServiceNow). Understand how information security standards apply to the business and are able to articulate the need for controls. Responsible for supporting the daily operations of reviewing and acting upon requests for exceptions against information security standards. Research, facilitate meetings and aid the business in ensuring the comprehensiveness and detail of their exception requests. Evaluate exceptions as they come up for re-review/renewal/expiration.
• Employer not providing work sponsorship currently
Responsibilities
Attend meetings with stakeholders within IT and across the credit union to assess and encourage the need for submitting exception requests where information security control requirements cannot be adhered to.
Aid in the development of action plans.
Assess exceptions requests and ensure the completeness and accuracy of the submission to allow for an evaluation by management.
Leverage various communications channels and conduct meetings to obtain the required information.
Support the Data Transfer Authorization (DTA) process
Work within the Archer platform
Support metrics and reporting around Exceptions and DTA processes.
Seek out, and share opportunities to introduce process efficiencies.
Support migrating processes to being managed and facilitated through the ServiceNow GRC platform.
Aid the business units in understanding and acting on Standards, including support and review of procedures, hardening standards, and directives.
Keep current with Information Security best practices and industry trends, and communicate/apply these practices to policy improvements and compliance actions.
Develop and maintain a thorough understanding of Information Security industry standards/trends, best practices, processes, and technology; communicate information to team members as appropriate.
Perform other duties as assigned
Qualifications
Experience in the credit union/financial services industry with a focus on regulatory frameworks, information security assessments, and remediation activities
Experience in information security processes, concepts, principles, and methodologies
Experience in audit and information security risk assessments
Knowledge of applicable federal and state laws, rules, and regulations (i.e. Federal Financial Institutions Examination Manual (FFIEC), National Information of Standards and Technology (NIST), and International Standards Organization (ISO)
Knowledge of NCUA, FFIEC, GLBA, NIST (including the Cyber Security Framework and 800 Series), ISO 27001/27002, SANS/CIS 20, PCI DSS, and other Information Security requirements and frameworks
Experience that demonstrates knowledge of data security practices and procedures, including risk assessment, authentication technologies, and security attack pathologies
Effective planning and organizational skills
Effective research, analytical and problem-solving skills
Strong verbal, written, and interpersonal communication skills, including technical writing
Bachelor Degree in business, information systems or related field or equivalent work/military experience
CISSP, CISA, CCSP, or other Information Security certifications
Ability to present findings and conclusions clearly and concisely
Experience in working with all levels of staff, management, stakeholders, and third parties
Ability to build effective relationships through rapport, trust, diplomacy, and tact
Strong word processing and spreadsheet software skillsAn Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. EEO IS THE LAW CCPace invites any applicant and/or employee to review the Company’s written Affirmative Action Plan. This plan is available for inspection upon request. If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact us.