11 days old

Lead Cybersecurity Analyst - P156273_S3

Riverwoods, IL 60015
  • Job Code
    P156273_S3

At Discover, be part of a culture where diversity, teamwork and collaboration reign. Join a company that is just as employee-focused as it is on its customers and is consistently awarded for both. We're all about people, and our employees are why Discover is a great place to work. Be the reason we help millions of consumers build a brighter financial future and achieve yours along the way with a rewarding career.

As part of the Cybersecurity Assurance & Compliance Organization, you will assist in managing and processing potential Security Exceptions and/or Risk Acceptances, requested by other BT teams in lieu of their inability to meet specific Security Standards or Requirements. This position will work with other BT Cybersecurity & Application teams in ensuring all possible options are considered prior to processing the request, which includes assessing & documenting formal risk. In addition, this position will manage, report Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) with stakeholders. This individual will work closely with all areas of the business and technology including, infrastructure, engineering, architecture, operations and application teams. This role must be able to understand security standards and interpret their applicability to technologies and systems at Discover.

Responsibilities

  • The candidate must have strong risk assessment & management skills, be able to work with teams in developing and tracking "Action Plans".
  • The candidate needs to be able to recognize obstacles that may derail progress and take the necessary steps to eliminate those obstacles and/or escalate appropriately.
  • The candidate must be able to identify what information must be gathered to assess risk.
  • This role will work with other Cybersecurity, application, infrastructure and governance teams in assessing and documenting Issues.
  • The candidate must have a knowledge of various regulatory audit control requirements (COBIT, COSO, PCI, ISO, FFIEC, & GLBA).
  • Provide security expertise as requested and clearly communicate status and concerns to all levels of management.
  • Maintain accurate information in the teams tracking tool, and support departmental metrics and KPI/KRI reporting.
  • Leverage security expertise to contribute to program enhancement and continuous improvement efforts, and other team activities.
  • Identify areas that can be automated and streamlined and develop new processes to make processes more efficient.
  • Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required standards and processes.
  • Identifies and evaluates potential vulnerabilities and drives the normalization, correlation, and integration of internal and subscription-threat intelligence source. Produces actionable intelligence in the form of reports, notifications, alerts, and briefings. Develops mitigation and countermeasure strategies from collected threat intelligence. Recognizes security violations and take appropriate action to report each incident, as required. Analyzes the organization's cyber defense procedures and configurations, and evaluates compliance with regulations and organizational directives.
  • Performs in-depth analysis of security issues and/or vulnerabilities. Ensures compliance to audit, regulatory, and legal requirements. Builds and maintains effective relationships with peers and internal business partners. Creates effective controls to address security concerns.
  • Maintains in-depth knowledge of security trends and threats. Designs and develops security solutions and processes consistent with business goals and risk tolerance. Provides subject matter expertise for supported Cybersecurity technologies.
  • Develops metrics and new capabilities to ensure confidentiality, integrity, availability, authentication, and non-repudiation. Measures effectiveness of defense-in-depth architecture against known vulnerabilities. Engages in reporting risk remediation assurance and automation/integration initiatives, and collaborates with stakeholders, at all levels, to ensure remediation is validated, risk is mitigated, and findings are fully closed/resolved.

Minimum Qualifications

At a minimum, here's what we need from you:

  • Bachelor's Degree in Information Security, Computer Science, Business Administration, Data Analytics, or related field
  • 4+ years of experience in Information Security, Computer Science, Business Administration, Data Analytics, or related field
  • In lieu of a degree, 6+ years of experience in Information Security, Computer Science, Business Administration, Data Analytics, or related field

Preferred Skills:

  • Strong risk assessment & management skills, be able to work with teams in developing and tracking "Action Plans".
  • Able to recognize obstacles that may derail progress and take the necessary steps to eliminate those obstacles and/or escalate appropriately.
  • Able to identify what information must be gathered to assess risk.
  • This role will work with other Cybersecurity, application, infrastructure and governance teams in assessing and documenting Issues.
  • Knowledge of various regulatory audit control requirements (COBIT, COSO, PCI, ISO, FFIEC, & GLBA).
  • Provide security expertise as requested and clearly communicate status and concerns to all levels of management.
  • Maintain accurate information in the teams tracking tool, and support departmental metrics and KPI/KRI reporting.
  • Leverage security expertise to contribute to program enhancement and continuous improvement efforts, and other team activities.
  • Identify areas that can be automated and streamlined and develop new processes to make processes more efficient.
  • Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required standards and processes.
  • Helpful for candidates to have working knowledge and familiarity with; IT Security risk assessment; IT/IS policy development.

#LI-LJ1

Discover Financial Services is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, among other things, or as a qualified individual with a disability.



Categories

Industry

  • Banking / Finance
Posted: 2019-09-12 Expires: 2019-10-13

Welcome to Discover
We strive to be the leading direct bank and payments services company. Our mission is to help people spend smarter, manage debt better, and save more to achieve a brighter financial future.


Why Work with Us?
You can make an impact. Whether it’s developing corporate strategy, innovating new services or supporting IT needs, every employee has the opportunity to be a vital part of our business and make a real difference in people’s lives. It’s the heart of what we do.


 

Employment Trends

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Lead Cybersecurity Analyst - P156273_S3

Discover
Riverwoods, IL 60015

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast