Security Analyst II (Securonix)

We are seeking a highly skilled and detail-oriented Risk Controls Self-Assessment (RCSA) Control Owner to support Insider Threat management within a highly regulated financial institution. This position will play a critical role in hosting and facilitating assessments of insider threat controls, monitoring and reporting control effectiveness, and providing actionable insights to drive improvement across the enterprise. The ideal candidate will have a strong understanding of insider risk and a proven ability to manage control-related activities in a fast-paced, compliance-driven environment.

Key Responsibilities:

1. Control Assessments and Facilitation:

• Host and support business units in performing Risk Control Self-Assessments (RCSA) for insider threat controls.
• Ensure alignment with regulatory requirements and organizational policies throughout the assessment process.
• Provide guidance and expertise to business unit stakeholders to identify, document, and assess control effectiveness.

2. Monitoring and Reporting:

• Continuously monitor the effectiveness of insider threat controls across the organization.
• Develop and maintain metrics and reporting mechanisms to evaluate control performance.
• Identify and escalate control deficiencies, gaps, or risks, and support business units in developing remediation plans.

3. Scorecard Development and Presentation:

• Design and maintain scorecards to summarize insider threat control performance and effectiveness metrics.
• Present quarterly scorecards to enterprise control managers, highlighting key findings, trends, and recommendations for improvement.

4. Collaboration and Communication:

• Partner with Insider Risk, Compliance, and Audit teams to ensure proper governance and oversight of insider threat controls.
• Act as a liaison between business units and enterprise control managers, ensuring clear communication of risks, expectations, and outcomes.

5. Continuous Improvement:

• Contribute to the development and enhancement of RCSA processes, tools, and frameworks to ensure efficiency and accuracy.
• Stay informed about emerging risks, regulatory changes, and best practices in insider threat management.

Skills:

• Exceptional analytical and problem-solving skills.
• Strong written and verbal communication skills with the ability to present complex information to senior stakeholders.
• Proficiency in developing metrics, scorecards, and dashboards (e.g., Excel, Power BI, Tableau).
• Ability to manage multiple priorities and deadlines in a dynamic environment.

Key Competencies:

• Results-driven with a focus on continuous improvement.
• Collaborative and able to build strong partnerships across teams.
• Detail-oriented with strong organizational skills and attention to accuracy.

Required:

• Securonix experience
• Alerting platform
• Day to day
• Create use cases, bring in new data sources, creating alerts
• Skills: Splunk, Securonix, Enterprise Security Logging
• Importing rules from Splunk into Securonix
• Working with Ops team to fine tune these rules to make more efficient
• Use behavior analytics to advance visibility into fraud and cyber threats