Security Analyst III

Job Summary W e are seeking a seasoned Security Analyst III to join our Information Risk team within Group Functions (GF) IT. This role focuses on conducting risk-based information security assessments for emerging technologies, with a strong emphasis on generative AI platforms. The analyst will help design and implement governance frameworks, ensure compliance with global standards, and manage risks across cloud-based, on-premises, and AI-driven environments. Key Responsibilities I nformation Risk & Security Controls Perform risk assessments for GF projects and technologies Define and track implementation of security controls Design and document business-as-usual (BAU) security controls for cloud infrastructure and services Evaluate tools and products for implementing security controls in cloud and on-premises environments AI Governance & Risk Management Conduct comprehensive assessments of generative AI projects Identify and mitigate risks related to AI-generated data and outputs Develop governance frameworks aligned with global risk methodologies Integrate AI governance into architecture review, project risk management, and BCDR processes Provide peer-reviewed governance assessments and regular stakeholder updates Support operational AI governance activities including incident response and vulnerability management Deliver training on AI governance best practices Respond to audits, regulatory reviews, and risk assessments related to AI governance Sta y current on emerging AI technologies, threats, and governance trends Required Qualifications 5+ years of experience in information security, with a focus on AI technologies and governance Proven experience in IT/Information Risk management for AI and data-driven projects Deep understanding of AI governance frameworks and security standards Familiarity with AI-related laws and standards (e.g., NIST, EU AI Act) Core Competencies Strong communication and influencing skills Innovative problem-solving and analytical capabilities Effective presentation and facilitation skills for diverse audiences Ability to build and maintain cross-functional relationships Excellent time management and organizational skills Collaborative team player with adaptability to shifting prio rities Nice-to-Have Skills U nderstanding of financial industry regulations and compliance requirements Education & Certifications Degree in Computer Science, Information Technology, Data Science, Business Administration, or related field Professional certifications such as CISSP, CRISC, CISM, or CISA are a plus Education: Bachelors Degree Certification: Certified Information Systems Security Professional , (Certified in Risk and Information Systems Control