Why CC Pace? | CC Pace

Information Security Analyst

Job Title
Information Security Analyst
Job ID
27526840
Location
Vienna,  VA 22180
Other Location
Description

Are you looking for the next exciting project opportunity with a great company? Our professional recruiting staff at CC Pace is here to support you in every step of the process!  We have been in business for nearly four decades and have deep roots in the Washington DC metro area.  Our direct client relationships with companies in a variety of industries and sizes help us to find the right opportunity for our candidates.

We offer competitive rates, healthcare & dental, 401k, FSA, LTD, lots of voluntary benefits, and tons of discount perks.  Our team is standing by, ready to help you get started today!

•           Must be authorized to work in the US. 
•           Employer not providing work sponsorship currently

Experience in Framework implementation, risk management, security control interpretation, control assessments, standards, and enterprise Governance, Risk and Compliance (GRC) tool operations (i.e. ServiceNow). Understand how information security standards apply to the business and are able to articulate the need for controls. Responsible for supporting the daily operations of reviewing and acting upon requests for exceptions against information security standards. Research, facilitate meetings and aid the business in ensuring the comprehensiveness and detail of their exception requests. Evaluate exceptions as they come up for re-review/renewal/expiration.

Responsibilities
 Attend meetings with stakeholders within IT and across the credit union to assess and encourage the need for submitting exception requests where information security control requirements cannot be adhered to.
 Aid in the development of action plans.
 Assess exceptions requests and ensure the completeness and accuracy of the submission to allow for an evaluation by management.
 Leverage various communications channels and conduct meetings to obtain the required information.
 Support the Data Transfer Authorization (DTA) process
 Work within the Archer platform
 Support metrics and reporting around Exceptions and DTA processes.
 Seek out, and share opportunities to introduce process efficiencies.
 Support migrating processes to being managed and facilitated through the ServiceNow GRC platform.
 Aid the business units in understanding and acting on Standards, including support and review of procedures, hardening standards, and directives.
 Keep current with Information Security best practices and industry trends, and communicate/apply these practices to policy improvements and compliance actions.
 Develop and maintain a thorough understanding of Information Security industry standards/trends, best practices, processes, and technology; communicate information to team members as appropriate.
 Perform other duties as assigned
Qualifications
 Experience in the credit union/financial services industry with a focus on regulatory frameworks, information security assessments, and remediation activities
 Experience in information security processes, concepts, principles, and methodologies
 Experience in audit and information security risk assessments
 Knowledge of applicable federal and state laws, rules, and regulations (i.e. Federal Financial Institutions Examination Manual (FFIEC), National Information of Standards and Technology (NIST), and International Standards Organization (ISO)
 Knowledge of NCUA, FFIEC, GLBA, NIST (including the Cyber Security Framework and 800 Series), ISO 27001/27002, SANS/CIS 20, PCI DSS, and other Information Security requirements and frameworks
 Experience that demonstrates knowledge of data security practices and procedures, including risk assessment, authentication technologies, and security attack pathologies
 Effective planning and organizational skills
 Effective research, analytical and problem-solving skills
 Strong verbal, written, and interpersonal communication skills, including technical writing
 Bachelor Degree in business, information systems or related field or equivalent work/military experience
 CISSP, CISA, CCSP, or other Information Security certifications
 Ability to present findings and conclusions clearly and concisely
 Experience in working with all levels of staff, management, stakeholders, and third parties
 Ability to build effective relationships through rapport, trust, diplomacy, and tact
 Strong word processing and spreadsheet software skills

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability.  EEO IS THE LAW CCPace invites any applicant and/or employee to review the Company’s written Affirmative Action Plan.  This plan is available for inspection upon request. If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact us.
​​​​​

Option 1: Create a New Profile