JOB SUMMARY This Security Analyst III position is part of the Information Risk team, responsible for comprehensive information security assessments of new technologies, including generative AI. The role involves maintaining governance frameworks, ensuring compliance with security standards, and managing risks associated with cloud, on-premises, and AI-driven platforms and services. Key activities include performing risk assessments for projects, designing and implementing BAU security controls, and evaluating products for security control implementation. Key Responsibilities Conduct comprehensive assessments of IaaS, PaaS, SaaS, and generative AI projects, identifying and mitigating risks. Develop and implement governance frameworks tailored to generative AI, ensuring alignment with global information risk assessment methodologies. Collaborate with cross-functional teams to integrate the Risk framework with existing processes such as architecture review, project risk management, and Business Continuity & Disaster Recovery. Manage priorities between tasks, ensuring timely delivery of governance assessments and updates. Participate in project meetings to advise on risks and impact, providing timely updates to stakeholders. Ensure each information risk assessment completed is peer-reviewed for completeness before distribution to stakeholders. Support operational security activities including segment specific security processes (e.g., incident response, vulnerability management, Firewall reviews). Provide training to key stakeholders around information risk assessment processes and security best practices. Respond to audits, regulatory reviews, risk and controls self-assessments. Stay informed on emerging AI technologies, evolving threats, and opportunities within the AI governance discipline. Required Qualifications 5+ years of experience in Information Risk management: vendor risk management, project risk management, IT audit, or IT controls assessment. Experience in a combination of relevant technical disciplines in the field of Information Security: network security, application security, identity and access management, IT operations security, vulnerability management, information protection, physical security, cybersecurity. Deep knowledge of cloud computing security and IaaS, PaaS, or SaaS environments. Familiarity with laws and standards frameworks (e.g., NIST, ISO27001, GDPR, Sarbanes-Oxley, EU AI Act). Strong communication and influencing skills, with the ability to foster a culture of AI governance and risk management. Effective problem-solving and analytical skills, with an innovative approach to information security risk management culture, problem solving, analytical and innovative. Strong presentation and facilitation skills for diverse audiences. Ability to build and maintain strong relationships across teams and stakeholders. Collaborative team player with excellent time management and organizational skills to handle multiple tasks and changing priorities. Preferred Qualifications Understanding of the financial industry and its regulatory requirements is preferred. Certifications Relevant professional designations (e.g., CISSP, CRISC, CISM, CISA) are a plus. Education: Bachelors Degree
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: compun
- Position Id: AMADC5818516
- Posted 5 hours ago
Never miss an opportunity! Create an alert based on the job you applied for.
