Technology & Security Compliance Analyst I

Technology & Security Compliance Analyst I
Location: New Jersey
Team Overview
Join our dynamic Technology Risk and Compliance team, where we manage and execute the Technology Risk Oversight Program (TRO). Our mission is to provide independent oversight of the Bank's current and planned information technology environment, ensuring it operates in accordance with governing practices and supports the Bank's Risk Appetite and tolerance levels.
Position Overview
As a Technology & Security Compliance Analyst I, you will assist in managing and executing the TRO program. Your role will involve ensuring continuous compliance through Regulatory gap analysis, Industry Framework gap analysis, and Controls Validation. You will also support services such as Maturity Assessments, IT Threat Monitoring, and Risk Scenario Analysis.
Essential Job Functions

• Compliance Execution: Support the TRO program's continuous compliance function, including Regulatory Gap Analysis, Industry Framework gap analysis, and Controls Validation.
• Regulatory Advice: Provide guidance on meeting technology-focused regulatory obligations and assess the impact of proposed regulations.
• Project Participation: Actively participate in projects and initiatives as a technology risk representative, bringing a proactive risk management focus.
• Maturity Assessments: Collaborate with IT to perform Maturity Assessments for the Bank's technology risk drivers and identify improvement opportunities.
• Risk Monitoring: Maintain an up-to-date understanding of internal and external emerging risks, identifying potential threats and vulnerabilities.
• Incident Evaluation: Investigate and evaluate technology-related operational incidents, assessing breakdowns and identifying opportunities for internal control improvement.
• Special Projects: Work on special and ad-hoc projects as assigned by the Technology Risk Working Group of the Technology and Operational Committee.
• Deliverable Preparation: Assist in preparing technology risk-related deliverables.

Skills & Experience

• Experience: Minimum 3+ years' experience in cyber security, risk, compliance, or technology governance.
• Compliance Knowledge: Solid understanding of compliance concepts and practices.
• Frameworks & Regulations: Must have familiarity with common risk and information security management frameworks (e.g., COBIT 2019, NIST, ISO 27001, FFIEC) and regulatory oversight.
• Governance Documentation: Proficiency in managing policies and procedures.
• Technical Expertise: Experience in areas such as cyber security, identity access management, vulnerability management, cloud security, penetration testing, or encryption management.
• Control Validation: Experience validating controls and reporting deficiencies.
• Audit Experience: Experience performing technology audits and/or SOX reviews is a plus.
• Incident Investigation: Experience investigating risk events or control breakdowns and providing remediation guidance.
• Industry Knowledge: Experience in the financial services industry and banking is a plus.
• Certifications: Related security, technical, and/or risk professional certifications (e.g., CRISC, CISA, CISM, CGEIT, CSX-P, CCSK v4, CISSP, SANS, AWS) are desired.
• Strong Interpersonal Skills - Multi-tasking, teamwork, analytical, adaptability, highly organized, strong communicator

Salary Range

$105,000 - $125,000

The Federal Home Loan Bank of New York is committed to recruit, hire, develop, motivate, promote, retain, and compensate all applicants and employees in a nondiscriminatory manner without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, status as a parent, disability, genetic information, military or veteran status, or any other characteristic protected by applicable law (including title VII of the Civil Rights Act of 1964).