IT Security Analyst

Company: Stefanini
Location: San Francisco
Posted on: January 16, 2022

Job Description:

Stefanini is looking for a IT Security Analyst in San Francisco, CA What we are looking for: In this role, you will perform at an advisory level and leverage your experience in Information Security Risk Management and Information Security to develop positive working relationships and collaborate with various District organizations to advise on all efforts related to 'Security Assurance for the Federal Reserve' (internally known as 'SAFR') for internal technologies and external service providers. Our ideal candidate has a strong security mindset, Information Security Risk Management background, and is confident providing cyber security advice to leaders all the way to the executive level. You should also enjoy the 'art' of partnership, building trust and influence with technical and non-technical partners. Customer service is a high priority. What you will do: You will work with the rest of the Risk Management and Assessment Function to perform threat modelling, risk assessments, security control evaluations, architectural reviews, and assess the quality of control information.
You will work with business partners to collect relevant information for both on premises systems and third-party systems.
You will provide risk guidance to ensure that senior leadership understands how accepted risk matches with the risk appetite of the organization.
Essential Responsibilities: Provide advice and support to the 12th District risk strategies, identify risks in the Bank's processes and technologies, and lead improvement initiatives to minimize risk. The ideal candidate for this role will have the ability to blend and utilize their technical, organizational, business, and cyber security skill sets.
Understand technical implementation details necessary to assess security risk and recommend security control improvements or identify mitigating controls
Support and ensure compliance with Bank and FRS security controls, policies, and procedures
Drive education of process/control owners, so they better understand the controls framework and their operational responsibilities
Perform complex analysis of security issues and proactively examine for and recommend sustainable solutions utilizing established methodology and tools within risk and compliance areas
Partner with developers and business areas to understand their technical and business requirements and help enable them to do their work securely
Communicate security risk and implications to stakeholders at all levels

Job Requirements:
Requirements: Bachelor degree in Computer Science/Information Technology/Cybersecurity, or related disciplines and/or equivalent work experience
Typically requires 5 years of experience in cybersecurity including: security advising, security assessment, security architecture, and/or security engineering
Understanding of Cloud (AWS or Azure) architecture and services and implications to security
Familiarity with NIST 800 special publications, FedRAMP, and other risk frameworks
Demonstrated ability to explain complex IT and data related issues to non-expert, non-IT staff and management in a manner that allows clear comprehension of the risk implications
Deep collaboration and influencing skills
Excellent consultative skills and the demonstrable ability to work effectively with business partners, internal management and staff, and vendors and consultants
Strong critical thinking, analytic and problem-solving skills.
Preferred : Meaningful industry certifications such as AWS Security Specialty, Azure Security Engineer Associate, CISSP, CRISC, and/or CCSP

Keywords: Stefanini, San Francisco , IT Security Analyst, Professions , San Francisco, California