Risk Controls Security Analyst at Randstad USA

- Define, develop and implement program on applications', in assigned business, compliance to standards and respond to questionnaires adjusting to target audience; serve as key liaison and contact for stakeholder groups

- Provide consultation and advice to partners on a broad range Technology Controls / Information Security programs / policies / standards and incidents including regulatory compliance requirements and reporting

- Conduct project consulting on assessment of risk, definition of required controls, appropriateness of implemented control procedures, vulnerability assessments and any other relevant areas 
location: New York, New York
job type: Contract
salary: $75 - 77 per hour
work hours: 9am to 5pm
education: Bachelors
 
responsibilities:

- Lead or contribute to completion of risk and control design assessments for applications in assigned business, communicate and document impact of control gaps to the business and the overall Bank, risk mitigation, remediation plans, and remediation strategy

- Contribute to the definition, development, and oversight of a global security management strategy and framework.

- Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against TDBG's business.

- Develop on-going Technology Risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area

- Adhere to internal policies / procedures, technology control standards, and applicable regulatory guidelines

- Work collaboratively within Enterprise Protect & Office of the CISO (EP&OCISO), TD Securities and with other key stakeholders, on activities targeting the management of operational risks associated with technology

- Understand the business implications of technology risks and the commensurate security and IT risk strategies associated with these risks; escalating urgent issues in a time appropriate manner

- Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement

- Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.

- Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise

- Define / develop / implement / manage standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency and effectiveness

- Actively manage relationships with other areas of Technology / businesses / corporate and/or control functions and ensure alignment with enterprise and/or regulatory requirements

- Keep abreast of emerging issues, bank policies/standards/processes, trends, and evolving regulatory requirements and assess potential impacts to the Bank

- Participate in business specific / cross-functional / enterprise initiatives as a subject matter expert helping to identify risk / provide guidance

- Identify and recommend opportunities to enhance productivity, effectiveness and operational efficiency

- Establish effective relationships across multiple business and technology partners, program and project managers

- Participate in knowledge transfer within the team and business units

MUST HAVE:

• Information security specialist experience
  
  
• Experience in managing risk control self-assessments and control gap assessments
  
  
• Regulatory experience
  
  
• Technology background and comfortable speaking with technologists
  
  
• Comfortable dealing with executives and managing directors - experience.
  
  
• Controls review and assessment experience.
  
  
• Understanding of cloud computing and moving applications to a cloud environment
  
  
• Experience in Issues Management process including remediation facilitation

NICE TO HAVE

• Broker dealer knowledge
  
  
• Derivative and prime brokerage experience
  
  
• Corporate investment banking experience
  
  
• TD experience
  
  
• RSA Archer experience
  
  
• Tableau experience
  
  
• JIRA & Confluence experienc