U.S. Bank Senior Information Security Risk & Compliance Consultant in Richmond, Virginia
U.S. Bank is seeking a Senior Information Security Risk and Compliance Consultant to performance information security risk assessments, which will inform the Bank’s information security posture. We are seeking a self-motivated individual versed in information security controls, information assurance and risk management. The candidate will collaborate across organizations to achieve mutual goals.
Responsibilities may include but are not limited to:
• Conduct in-depth security assessments with business and technology partners
• Research and understand emerging information security threats and their impact on the business environment
• Evaluate the effectiveness of controls in place to mitigate threats and communicate remaining residual risk
• Report and escalate information security risks appropriately and timely
• Provide recommendations to leadership on program effectiveness and enhancements
The ideal candidate will have a well-rounded information security background including a strong understanding of IT risk management, vulnerability and patch management, information security controls, industry standards and best practices such as the NIST 800 series, NIST CSF, and ISO 27000 series. The candidate should understand and have experience with the security configuration, as well as, various design controls, regulatory, legal and contractual requirements impacting financial institutions (e.g. GLBA, SOX, FFIEC, and PCI).
The candidate additionally will have or exhibit the following:
• Diverse technical background including experience with multiple security technologies
• Ability to analyze and articulate implications of compliance requirements
• Strong writing skills with experience in documenting assessment procedures and results
• Skilled at communicating technical information to both technical and non-technical audiences and stakeholders at every level of the organization
• Ability to build and maintain relationships across diverse technical and non-technical teams
• Bachelor's degree or equivalent work experience
• Minimum of 5 years of experience in information technology and/or information security and compliance
• Understanding of financial industry legal, regulatory and compliance requirements for information security
• Graduate/Master's level degree in the areas of information security, computer science, information technology management, technology auditing
• Experience in risk and compliance management and process development in the areas of information technology and security
• Effective communication
• Working knowledge of RSA Archer tool
• Experience in Network and/or Database Administration
• Industry certifications in the area of information security, project management and technology auditing including, CRISC, CISSP, CISM, CGEIT, CISA, GIAC GSEC, and/or comparable qualifications
Job: Information Technology
Primary Location: Minnesota-MN-Richfield
Shift: 1st - Daytime
Average Hours Per Week: 40
Requisition ID: 190022239
Other Locations: United States
U.S. Bank is an Equal Opportunity Employer committed to creating a diverse workforce.
U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors.
- U.S. Bank Jobs