Job Description :
Role: Sr. Security Analyst
Location: Chicago, IL
Duration: 6 months contract
Interview: Phone and Face 2 Face
The Sr. IT Security Analyst is responsible for assessing information risk and facilitates remediation of identified vulnerabilities for IT security across the enterprise. Monitors and reports on security controls that protect the confidentiality, integrity and availability of Bank’s resources. Also functions as a subject matter expert for Security Management.
Develop, revise, and enhance information security program metrics
Assist with the development and execution of a Threat and Vulnerability Management Program – review environment for vulnerability exposure and emerging threats, identifying trends, ensuring vulnerabilities are appropriately remediated
Guide and assist in the development of an IT Security Risk Register
Coordinate and conduct IT security/risk awareness training including phishing campaign development
Support the Vendor Management Program for security evaluation of critical and non-critical vendors
Work with the drafting of regulatory and audit responses and prioritize outstanding requests for information
Support the development of information security standards, best practices, and procedures
Participate and support the Incident Response Plan including the delivery of tabletop exercises
Review and report on security related events
Conduct security assessments on new/existing vendors and applications
Support the IT Security Advisory function through collaboration the with different business units providing security analysis on projects, documenting and communicating requirements and recommendations, and monitoring compliance through the development lifecycle
GRC tools, Splunk, Rapid7/Nexpose, MS Office & Windows platform,
Active Directory, Windows security controls, Application security concepts, Client sever
5+ years of security experience and 2 + years of financial experience viewed as a plus
Bachelor’s Degree in Information Technology or a related field;
Security specific certifications are highly preferred (CISSP, CRISC, GSEC, etc.
Demonstrated experience in security compliance programs
Mastery of security concepts, control frameworks, and security practices
Experience and ability to effectively work with legal, audit, compliance, and technical staff
Must have excellent communication (verbal, written, and listening) skills
Must have strong analytical/critical thinking/problem solving skills
Will require the ability to be a self-starter and to work independently as well as in a team setting
A high level of integrity and dependability are necessary to perform this role
Requires a great deal of attention to detail