Sr. IT Risk Analyst

---

Job description

What You Will Do:

Assesses compliance with legal and regulatory requirements and security conformance with industry standards, providing cost effective recommendations for compliance and improvement. Annually evaluates SSFCU's Security Program to ensure conformance with standards and recommend enhancements as required. Develops the control environment associated with physical and logical security systems. Makes and implements recommendations on safeguarding data methods, information systems, and technology infrastructure to ensure that organizational information security risks are identified and managed. Designs and performs internal risk assessments to determine the security/risk posture associated with all SSFCU internal applications and third party provider applications. Evaluates access control for applications identified as high and medium risk. Assesses IT security policy compliance, regulations and recognized industry best practices. Performs risk assessments related to IT security projects and business processes. Develops and recommends cost effective risk based controls. Provides analysis and reports, recommends and implements control enhancements as necessary to effectively mitigate risk. Presents findings to include results of IT Risk Assessments to line of business owners and various levels of leadership. Monitors remediation efforts from deficiencies identified in monitoring reviews, independent and self-assessments, internal and external audits to ensure appropriate remediation has been taken. Completes any other job related duties needed to help drive to our Vision, fulfill our Purpose, and abide by our Organization's Values.

Our Core Values:

All employees should demonstrate our SSFCU core values -- Caring, Innovative, Honest, Fair and Dedicated -- while providing enthusiastic, professional, and courteous service to SSFCU members and employees.

Additional Information:

We are an EEO Employer that provides equal employment opportunities to all qualified applicants without regard to race, sex, sexual orientation, gender identity, national origin, color, age, religion, protected veteran or disability status, or genetic information.

What We Require:

Bachelor degree in Math, Statistics, Business Administration, Information Systems or equivalent education and/or experience. Minimum of eight (8) years of relevant work experience in IT risk management, Information Security, internal audit, Information Technology, risk management, compliance or other related field. Knowledge and understanding of information technology, systems, and architecture. Knowledge and experience with IT audit frameworks like: COBIT, ITIL, and NIST. Excellent interpersonal and communication skills, quantitative and analytical skills. Self-motivated, highly organized, with the ability to multi-task and react to short deadlines. Works effectively in both individual and team environments. High level of professionalism and confidentiality of sensitive information.

Ideal Candidate Will Have:

Master's degree or designation in a quantitative discipline relevant to risk management, such as Statistics, Mathematics, Actuarial Science, Information Technology or related field or equivalent experience in computer systems security. Project Management experience. Expert knowledge and experience with FFIEC IT Handbook, PCI, and NCUA part 748 Automated Cybersecurity Examination Tool (ACET). Knowledge and experience with SailPoint administration. CISSP, CISM, CISA, CRISC, or equivalent certification is required.

Who We Are:

Security Service Federal Credit Union is an industry leader who has built a reputation of innovation, strength, and stability. We pride ourselves on discovering and developing employees who have exceptional character and a genuine passion for helping others. In return, we deliver a comprehensive total rewards package that supports the financial, physical, and emotional wellbeing of our employees.

What We Offer:

SSFCU offers a comprehensive total rewards package. Benefit options include medical, dental and vision insurance; health savings and flexible spending accounts; company paid employee life insurance; supplemental life insurance plans; supplemental insurance plans for hospital and critical accident; short term disability; company paid long term disability; paid sick and safe leave, paid vacation, 401K match with immediate vesting, tuition reimbursement, employee tenure and award programs, access to an on-site fitness center or gym membership reimbursement program. Employees can participate in our award-winning Total Wellbeing program focusing on physical, financial and emotional wellbeing. We invest in our communities through our Volunteer Corps and in you, through ongoing growth and development opportunities.

<!– job description page –>