Security Technical Control Assessment Analyst

Software Guidance & Assistance, Inc., (SGA), is searching for a Security Technical Control Assessment Analyst for a CONTRACTassignment with one of our premier Banking Clients clients in Auburn Hills, MI.
Security Technical Control Assessment is an assessment performed by subject matter experts using a defined methodology to ensure controls are in place, operating as intended, and producing the desired results. The assessment will evaluate system and network architecture, integration designs, and the ability of the application to meet security requirements leveraging standards and frameworks.

Phase 1 will focus on assessing Cybersecurity Solutions, architecture, processes, and workflows to ensure effectiveness and proper documentation of these controls.

Preferred Skills & Abilities

• Experience with IT Application Assets
• IT Third-Party Risk and/or Cybersecurity experience
• Exceptional MS Excel Skills (handling larger amounts of data, pivot tables, charts, dashboards, etc.)
• General ServiceNow and Archer experience
• Ability to review a large set of data (i.e., Asset Applications, Questionnaires) with attention to detail
  
  and accuracy
• Team-player
• Good time management skills
• Fast leaner with the ability to take clear direction and ask questions
• Experienced professional with at least eight years IT, cybersecurity, or IT support experience
• Security Awareness expertise
• Five or more years of Audit and Compliance experience
• General and/or good working knowledge of IT Resilience
• Five to eight years Data Governance experience
• Industry understanding of Risk Management or Cyber Policies and Standards
  
  Job Responsibilities

• Consult with different business and IT groups on projects.
• Contribute to projects by advising on policy adherence and standards.
• Create and work through findings and exceptions/remediation plans within RSA Archer.
• Develop solutions, policies, and procedures to remediate reported control issues.
• Ensure that solutions adhere to client's risk appetite.
• Maintain the Service Account processes and procedures.
• Maintain the SharePoint Service Account database.
• Validate and approve Service Account requests and forms.
• Review and validate System Integration Documents (SIDs).
• Maintain knowledge of current regulatory environment.
• Apply fundamental security concepts to cyber defense and understand business and risk to guide
  
  the cyber defense day to day operations
• Perform vulnerability assessment and penetration testing
• Apply fundamental security principles to tech delivery areas (cloud, SDLC, key encryption)
• Apply information security policies and guidelines to specific tech areas through instructions,
  
  training, implemented guardrails
• Identify IT and Information Security risks to an organization
• Provides security and risk management expertise to support, and use as basis for decision making
• Monitors, follows-up and secures compliance to IT security-policies and defined laws and
  
  regulations.
• Continuously challenge and improve current processes and solutions
  
  Preferred Certifications & Education
• Preferred Certifications - Certified Information Systems Security Professional (CISSP), CISM (Certified Information security Manger), CRISC (Certified in Risk and Information Systems Control)
• Preferred Education - BS in Computer Science, Computer Engineering, Mathematic, Information Security or any related field (or equivalent work experience)

SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .

EEO Employer: Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status.