Cloud Policy Standard Analyst

Software Guidance & Assistance, Inc., (SGA), is searching for an CLOUD Policy & Standard Sr Analyst for a CONTRACT assignment with one of our premier Banking Clients clients in Auburn Hills, MI.

IDEALLY Hybrid 1x a week in Auburn Hills, MI or Plano, TX.

• Provide team and organizational leadership to delivery technology standards for company's Technology organization. This responsibility includes the ability to:
• Develop technology/ information security policies and standards which state the control requirements based on risk aligned with company's regulatory requirements:
  • Assess risks and controls for protecting information applications, systems, tools, and infrastructure and translate the requirements into clearly written technology / information security policy and standards.
  • Research industry standards and public benchmarks to identify appropriate technology configuration settings and standards.
  • Monitor new laws, regulations, and industry standards that may affect how technology and information security is managed at Comerica (e.g., GLBA, FFIEC standards, PCI standards, HIPAA, Privacy laws). Assess gaps with company's existing technology/information security controls, policies, and standards and make recommendations to management as needed.
• Assist I.T. and business units throughout the corporation in the interpretation and application of company's information protection policies and standards.
• Research and develop new policies/standards or draft revisions to existing policies/standards.
  • Effectively integrate and manage the full lifecycle of technical security configuration standards within company's Technology organization.
  • Establish and maintain planning roadmaps aligned with Comerica's technical strategy.
  • Establish and manage resource demand needed to delivery all required technical security configuration standards.
  • Lead company's efforts to establish technology standards in support of company's efforts to establishing increased business processing "cloud " based services and design

Qualifications

• Bachelor's degree in Information Security or other business related field or 10 years of related technical experience
• 8 years of experience in information security controls and processes or 10 years related technical experience
• 5 years' experience in a technology role with responsibilities which span across multiple technology teams
• 3 years of experience in analysis and development of information protection policies, standards & procedures
• 3 years of experience working with Financial Institution regulatory and industry standard guidance (e.g., FFIEC IT Handbook series, GLBA, Sarbanes-Oxley,, PCI Data Security Standards, NIST, CIS)
• 3 years of experience working with control frameworks (e.g., ISO, ITIL, CoBIT, COSO)
• The following certifications are highly preferred: CISSP, CISM, CISA, CRISC, or other applicable security / technical certification.

SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.