Cyber Security Analyst - Plano, United States - BCforward

Description

Job Title:
CybersecurityLocation(s): Plano, TX/New York, NYContract to Hire (Y/N): potentially yes

Hybrid Schedule:

not set days; M or F need to be in officeThe third party risk and controls management analyst will be responsible for conducting deep dive technical risk reviews of our highest risk suppliers.

Working across multiple systems of record, this role will identify areas of technical risk to the business by analyzing IT architectures, security controls, evolving industry practices, etc.

and document where controls do not exist or need improvement.

These technical deep-dive reviews will then been evaluated against technical and business resilience planning, incident response plans, and cyber intelligence reporting.

Strong working knowledge of operations practices, risk management processes, principles, architectural requirements and threats and vulnerabilities in the context of Cybersecurity as well as incident response handling methodologies as they apply.

Strong knowledge of national and international laws, regulations, policies and ethics as they relate to Cybersecurity and specifically in the financial industry.

Expert in their field; keeps technical skills current, participates in multiple forumsMay be multi-skilled across the full range of team functionsStrong understanding of Agile, with the ability to work under at least one of the common frameworksKnowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities along with the ability to identify systemic security issuesProvides in-depth analysis of vulnerabilities, threats, designs, procedures and architectural design with focus on recommendations for enhancements or remediation with skill in using network analysis toolsCompliance required for local, country, and/or region specific standards for credentials, certifications and/or training.

About Project:
3rd party risks for Chase. Focused in operations and data risk/exposure.

We look at 20 suppliers, data we have on record already, doing analysis of it, ID gaps where we have tech risk gaps.

We have a program that assesses the suppliers do you have cloud security, endpoint protection? This person will look at the response, assess if they are cloud heavy or web apps.

We should dive deeper into cloud controls conduct deep dives to help CCB manage the expose for the supplier.

We are a small team in Plano that works really close togetherSkills (required):
Cloud Security (experience with any

• AWS, Microsoft, Azure etc.)

. Understanding IAM or access management in general. Dont need 2 candidates with the exact same skills. Knowledge of cyber practices, how does an organization manage tech risks? IAM, endpoint security, cyber architecture should be foundational. Need experience in leading risk management or applying work to Risk management. 5+ years of experience in tech space and some exposure to risk management. Risk mgmt. is hard to find. Translating tech risk to business risk.

Skills (Nice to have):
SANS, CISSP, Security+ is low level but might be applicable. Pen testing, white hat certs. App Development (SDLC, understanding how to secure code, static scans, would be helpful)#J-18808-Ljbffr