Cyber security

Job Description

Position Type : Full time Type Of Hire : Experienced (relevant combo of work and education) Education Desired : Bachelors Degree Travel Percentage : 0%Are you curious, motivated, and forward-thinking At FIS you ll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us, and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all fun.Career level professional role. Moderate skills with high level of proficiency. Works under general supervision with increased latitude for independent judgment. Identifies non-routine issues and routes/escalates to appropriate team member. Works on multiple concurrent projects of medium complexity. Is an active team member, contributes to complex projects to gain experience, shares ideas and suggests process improvements appropriate for level of experience Facilitates the development and implementation of processes, policies, and procedures for the identification, collection, and analysis of risk related information. Educates and trains all levels of staff and business associates about the risk management program and their respective responsibilities in carrying out program provisions. This role may act as lead on various consulting projects and risk assessments. Consults with senior peers on semi-complex processes to learn through experience. Typically requires three to five years of experience at a public company or in a related field.About the TeamOur team of associates are great to work with, and we have an awesome team of management professionals who are there to help guide you to success. We believe our clients are the most important aspect of our business. Our determination to be the best that FIS has to offer rings true with each team member through training, knowledge and a desire to excel in the financial world.What You Will Be Doing

• Monitor and manage projects from risk perspective
• Conduct risk assessment and control self-assessment
• Creation and monitoring of key risk indicators
• Identifying and evaluating business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
• Advise project team members on appropriate steps to identify and mitigate project risks
• Assist in the identification of controls required in the project design and the steps to be taken for controls verification
• Assist team in obtaining and reviewing documentation for determining control effectiveness and approval from respective teams before go live
• Assesses information risk and facilitates remediation of identified vulnerabilities with the network, systems and applications.
• Reports on findings and recommendations for corrective action. Performs vulnerability assessments as assigned utilizing IT security tools and methodologies.
• Performs assessments of the IT security/risk posture within the IT network, systems and software applications, in addition to assessments within the Vendor Management Program.
• Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk scenarios.
• Facilitates and monitors performance of risk remediation tasks, changes related to risk mitigation & reports on findings.
• Maintains oversight of IT and vendors regarding the security maintenance of their systems and applications.
• Provides weekly project status reports, including outstanding issues.
• Management of IT security and IT risk (e.g., data systems, network and/or web) across the enterprise.
• Develop policies, procedures and standards that meet existing and newly developed policy and regulatory requirements including SOX, PCI, and/or FFIEC guidance
• Promote awareness of applicable regulatory standards, upstream risks and industry best practices across the verticals.
• Oversees the planning, execution, and management of multi-faceted projects related to
• compliance, control assurance, risk management, security, and infrastructure/information asset protection.
• Provides objective evaluations of security controls, mechanisms and goals in comparison to best practices.
• Develops and manages security for multiple IT functional areas (e.g., applications, systems, network and/or Web) across the enterprise.
• Develops security solutions for critical and/or highly complex assignments
• Leads multiple projects or programs.
• Develops, refines and implements enterprise-wide security policies, procedures, and standards across multiple platform and application environments to meet compliance responsibilities.
• Ensures policies, procedures, standards, and system configurations are documented and tracked.
• Conducts impact analysis to ensure resources are adequately protected with proper security measures.
• Assesses potential items of risk and opportunities of vulnerability in the network and on information technology infrastructure and applications.
• Communicates with multiple departments and levels of management in order to resolve technical and procedural information security risks.
• Develops remediation strategies to mitigate risks associated with the protection of infrastructure and information assets.
• Captures, maintains, and monitors information security risk in one repository.
• Leads and reviews application security risk assessments for new or updated internal or third party
• applications.
• Evaluates and recommends tools and solutions that provide security functions.

What you bring:

• In-depth knowledge of security issues, techniques and implications across all existing computer platforms.
• Security Certification(s) (i.e., Certified Information Systems Security Professional (CISSP), or Certified Information Security Manage (CISM).
• Demonstrates domain knowledge of IT infrastructure, application development / SDLC and / or information security
• Good knowledge of Dot net with C# , Jason, java script, Jcurry , APIs, WCF, SQL server 2104
• Experience in information systems, preferably within a governance, risk, compliance role
• Knowledge of ISO 30001 framework, ISO 27001 & PCI DSS, security architecture / other industry best practices
• Knowledge of IT infrastructure and security
• Ability to interact with a variety of internal and external people in a professional manner that creates confidence in his/her knowledge and abilities and helps foster mutually satisfactory resolution to control gaps and issues
• Analytical and problem solving skills
• Ability to multi-task, handle competing priorities and follow through on all open items/tasks
• Strong written and verbal communications skills including the ability to create organized and articulate summaries of risk assessment findings/points of view that are easily understood by teammates, LOBs, etc.
• Proficiency in Microsoft Office Applications
• Ability to work effectively as a member of a cross-functional team
• Work experience
• 5 or more years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration and over 5 years experience designing and deploying security solutions.
• Master s/ Bachelor s Degree in Computer Science, Information Systems or other related field, or equivalent

What we offer youA competitive salary with attractive benefits including private medical and dental coverage insuranceA multifaceted job with a high degree of responsibility and a broad spectrum of opportunitiesA modern work environment and a dedicated and motivated teamA broad range of professional education and personal development opportunitiesA work environment built on collaboration and respectPrivacy StatementFIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.Sourcing ModelRecruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.#pridepass,

Keyskills :
risk assessmentproblem solvingrisk managementinformation riskmicrosoft officeinternal controlsecurity toolsonline privacysystems analysisenvironmental impact assessmentcomputer science