The Second Line of Defense Enterprise Risk Management Team is seeking a candidate to serve in the Information Security Administrator (ISA) role. ISAs support the ERM security program through the coordination and execution of processes implemented to ensure ERM's compliance with security policies and controls and will report into the ERM Information Security Officer (ISO).
Responsibilities: Information Security Program Support
Support the development and management of the information security program within ERM;
Provide input and support the development and management of the information security program and strategy, playing a key role in information security program activities;
Support the development, communication and integration of information security into processes, procedures and other documentation to support the implementation of the information security program;
Support process and application owners in the remediation of identified business control failures (including CATS/audit issues);
Act as backup for Information Security Officer when required.
Information Security ERM Support
Integrate information security requirements into ERM processes;
Support SVP recertification of restricted access and non-standard authorized approvers;
Coordinate the resolution of problematic access, including segregation of duties violations;
Oversee process to support removal of user access for terminated and transferred employees;
Application Risk -
Support application owners in the completion and review of Information Security Risk Management Program (ISRMP) assessment process;
Application Risk - Support onboarding of applications per the SailPoint Application Integration Schedule with Information Security Officer when required;
Information Classification - Provide clear guidance, education and awareness, and develop SOP's to support classification of information by data owners;
3rd Party Risk - Support business in understanding processes, and provide guidance to answer information security related TPRM requests;
Education & Awareness - Support the creation of education and awareness content;
Management & Risk Committee Reporting - Support the creation of management and risk committee reporting;
Maintain up to date knowledge of evolving information security threat landscape;
Demonstrate a commitment to information security by obtaining additional training and staying current with information security technologies and practices.
Bachelor's degree or equivalent;
3+ years professional experience (including 1-3 years of Information Security experience);
Financial services experience a plus;
Business concepts including financial, business requirements, compliance and risk management;
Strong analytical, communication, research and organizational skills;
Strong computer skills including knowledge of word processing, spreadsheet, email and collaborative tools;
Ability to manage multiple priorities while maintaining attention to detail.
Employee savings plan;
Premium life insurance package;
VIP medical package;
International operating environment;
Soft skills trainings;
Development sessions with a mentor;
Diversity of opportunities across a range of challenging and highly complex activities;
Technical or leadership career pathway.
Internal Number: 6298154
About State Street
eFinancialCareers is a career site specializing in financial services.