Information Security Risk Specialist

OneAZ Credit Union
Phoenix, AZ 85027
Job Code: 130135251

SUMMARY: The Risk Management Department helps all OneAZ business units identify and manage risk. The team focuses on several key risk types, including conduct, credit, financial crimes, information security, interest rate, liquidity, market, model, operational, regulatory compliance, reputation, strategic, vendor and technology risk.

The Security Risk and Compliance Analyst, as part of the Independent Risk Management function, is responsible for governance, oversight, and credibly challenging information security risk exposures and risk management practices through monitoring, analyzing, and developing standards for remediating risk that arises from inadequate or failed processes, people, systems, or external events, while maintaining a balance between risk mitigation and operational efficiency. The primary functions are to assist with the day-to-day operation of the Business Continuity Management Program, Information Security Compliance Program, and Third-Party Risk Management Program.

Any individual who meets the definition of a mortgage loan originator (MLO) and is employed by a federal agency-regulated institution will need to be registered on the Nationwide Mortgage Licensing System (NMLS). Ensures compliance with applicable policies, laws, and regulations, including the Bank Secrecy Act (BSA), Anti-Money Laundering (AML) compliance, USA Patriot Act, and Office of Foreign Assets Control (OFAC).


RESPONSIBILITIES:

Assist with the maintenance of policies, procedures and associated plans for disaster recovery administration, business continuity, information security compliance, and associated risk.

Assist with aspects of actual recovery plan efforts, including initial emergency response, recovery procedures, and business resumption processes.

Assist with business impact analyses maintenance and updates to the credit union's critical functions.

Assist with the development of disaster avoidance strategies, impact reduction strategies, and department-specific business continuity plans.

Assist in coordination and support of business continuity and disaster recovery testing exercises and evaluations.

Develop familiarity with applicable state and federal regulatory requirements, internal requirements and industry best practices related to information security management and business continuity.

Develop and perform Information Security Risk Assessment

Track and report on the status of Information Security Management's compliance with regulatory and internal requirements to leadership.

Credibly challenge appropriateness, completeness, effectiveness, and sustainability of corrective actions taken to address situations defined as issues.

Manage the Information Security aspect of Third-Party Due diligence

Manage the development and communication of Information Security policies, procedures, processes, systems, and internal controls.

Stay abreast of emerging technology trends, methodologies, and practices.

Assist with day-to-day operations of other Security Risk and Compliance processes.

Assist with special projects as required.

Perform other duties as assigned.


Required Qualifications

5+ years of experience in one or more of the disciplines above

Experience with evaluating the processes, risks and design and effectiveness of controls associated with Information Security Management risk

Demonstrated operational risk management experience.

Demonstrated issue management experience.

Experience developing comprehensive report/presentations to senior management, stakeholders, and risk and management committees.

Experience in the financial industry and technical or PCI certifications a plus

Desired Qualifications

Familiarity with risk management standards such as COBIT, ISO, PCI and NIST, business continuity management, or regulatory compliance

Strong initiative and the ability to set and manage priorities and work successfully with minimal supervision. Must manage multiple tasks/projects while maintaining attention to detail.

Excellent verbal, written, and interpersonal communication skills.

Strong analytical skills with high attention to detail and accuracy

Ability to interact with all levels of an organization.

Ability to turn preliminary or ambiguous information, ideas, or problems into well-defined plans and solutions.


EDUCATION and/or EXPERIENCE

Bachelor's degree in Computer Science, Business Continuity, Emergency Management, Information Security Management, or related field, or the equivalent in education and work experience

Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certification in Control Self-Assessment (CCSA), Certified Information Security Professional (CISSP), or Certified Business Continuity (CBCP) desired

Why join the OneAZ team?

Our culture is one-of-a-kind! You'll be joining a team of friendly, hardworking, helpful associates with the same mission guiding all that we do: We exist to improve the lives of our members, our associates and the communities we serve.

We are proud to be an equal opportunity employer and value diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

We offer robust benefits including low-cost medical, dental and vision plans, gym reimbursement, paid parental leave, generous personal days and vacation time, and an award-winning 401(k) program among many others. Take a look at our career page for detailed benefit information: www.oneazcu.com/about/careers

Additional Notes:

Candidates for this position will be required to sign an authorization for OneAZ to conduct a credit and criminal background check, pursuant to procedures in the Fair Credit Reporting Act and any other applicable laws.

All candidates will be considered for this position on an individualized basis, in compliance with all applicable equal employment opportunity laws.

Ensures compliance with applicable policies, laws, and regulations, including the Bank Secrecy Act (BSA), Anti-Money Laundering (AML) compliance, USA Patriot Act, and Office of Foreign Assets Control (OFAC).

Any individual who meets the definition of a mortgage loan originator and is employed by a federal agency-regulated institution will need to be registered on NMLS.



Posted: 2021-02-09 Expires: 2021-03-13
