Information Security Analyst - Risk Mgmt

Information Security Analyst - Risk Management

This individual provides IT risk management oversight for Internal and External Audit compliance. This individual’s primary responsibility will be to support the company’s SOC 2 compliance activities and eMoney’s overall information security risk management program.

The evaluation of complex business processes to ensure conformance with Financial Services Industry standards, company policy and procedures, sound principles of internal control, and applicable professional standards of practice (such as SOC2, NIST); Collaboration with external auditors on audit planning, evaluation and issuance of final reports; Working with business management to remediate findings and implement process improvements; Supporting department Directors on strategic initiatives, including the development of policies, procedures and staff members.

Job Responsibilities

• Respond to and track Information Security risk assessments (SOC2, SIG, CSA, BSIMM, ISO, NIST, Network and Application Penetration test) directed to eMoney Advisor and our application.
• Leads IT SOC2 and audit projects to ensure high quality delivery. Works with external auditors on issuance of final SOC 2 audit reports.
• Assesses audit risk of complex internal controls and business processes.
• Provides guidance to the other teams with respect to Security controls.
• Reviews and improves documentation of controls to ensure compliance with professional standards.
• Communicates issues and status to Company’s management and external auditors.
• Collaborates with the IT organization on continuous process improvement within the Security control environment.
• Engage with all areas of the business to ensure compliance with required assessments per eMoney Advisor policy and procedures, works with business owners to resolve those findings. Discusses audit findings with control owners and agree on remediation plans.
• Review, assess and complete questionnaires and supporting fieldwork materials to ensure they are complete and meet eMoney Advisor expectations
• Identify opportunities for process improvements to deliver increasing operational efficiency in the processes
• Support the Risk Management process and program
• Assist with various Risk Management program initiatives, assists with special team projects as needed.

Requirements

• Equivalent work experience in Financial Services, or a bachelor's degree in Management Information Systems, or a related discipline required.
• 5 years of related experience
• 2 years of experience in IT Risk management, audit, or equivalent
• Travel Requirements: 10%

Skills

Proficiency skills including: audit, business analysis, change management, IT Risk Management, operation systems and data sources knowledge, performance metrics and reporting, technical problem resolution, project management, and vendor management

• Excellent verbal and written communication skills, including the ability to effectively lead discussions and meeting
• Proficient risk assessment, interpretation, analytical and negotiation skills
• Excellent organizational skills

The salary range for this position is $89,000 - $99,000; commensurate salary to be determined based on skills, professional background and expertise. This position is also eligible, pursuant to applicable eMoney policies, for the annual bonus program, retirement contributions, health insurance, sick leave, parental leave and paid time off.