The Senior Analyst responds to lender questionnaires, leads the vendor security due diligence process, performs risk analysis, dashboards, and supports the team in our SOC and SOX audit activities. The position also participates in IT governance, risk and compliance activities of the group and acts as backup to the IT Risk Manager as necessary.
ESSENTIAL Job Duties & Responsibilities
- Respond to Lender security questionnaires.
- Document gaps between vendor requirements and National MIs infrastructure.
- Coordinate and execute IT security projects as it relates to Vendor Management.
- Execute the vendor security risk management process.
- Collaborate with other areas of IT to manage security audit requests.
- Conduct research to keep abreast of latest security issues.
- Maintain, remediate and review of findings from lenders, vendors and audits.
- Support IT Risk Manager with Policy review.
- Perform ad-hoc and scheduled risk analysis, both quantitative and qualitative. Evaluate information to determine compliance with laws, regulations, or standards.
- Contract review for information security compliance to policies and procedures.
- Mentor other IS Assurance Analysts, as needed.
- Perform other ad hoc duties as assigned.
ESSENTIAL Worker Competencies
- Bachelor’s degree in Computer Science, Information Systems, a related field or the equivalent work experience. Professional certifications (e.g., CISSP, GIAC, SANS, etc.) are preferred.
- Five or more years related work experience working within a diverse IT environment with three or more of those years focusing on security (e.g., IT Audit, FFIEC, SANS, SOX, SOC).
- Prior management experience is a plus.
- Vendor audit and compliance experience, preferably with the SIG framework.
- Strong verbal and written communication skills.
- Ability to interface effectively with internal and external customers.
- High level of integrity and trust.
- Regular and reliable attendance.
- Must be able to work in a team-oriented, collaborative environment.
- Precise attention to detail.
- Maintains confidentiality of information and uses information appropriately.
- Exhibits sound judgment when making decisions and recommendations.
- Comfortable working in a fast-paced work environment with frequent tight deadlines, interruptions, and occasional long hours.
- Self-starter who is highly motivated and is capable of working with minimal supervision.