Security Risk Management Senior Analyst - Contract Role

Td Ameritrade Saint Louis , MO 63150

Posted 3 weeks ago

This is a Non-Employee Contractual Worker or Temporary Worker providing services for TD Ameritrade. This Non-Employee role will be employed by TD Ameritrade's preferred 3rd Party Supplier only.

As a Non-Employee Contractual Worker or Temporary Worker, the position will support the management and performance of risk assessments. Position will also manage the security risk register to centralize security risks and support the communications to TDA stakeholders.

Responsibilities:

  • Partner with Security Risk Management peers to analyze and collect risk data from existing vulnerability, vendor management, project, threat management, and application related processes

  • Develop and maintain effective workflows for the automated collection, storage and reporting of risk data

  • Recommend security controls and/or corrective actions for mitigating technical and business risk

  • Conduct risk assessments of business processes, technology designs, security controls, technology architectures and product designs

  • Analyze technology and business designs to identify and assess security risk

  • Develop risk registers, security questionnaires and surveys to aid in the effective execution of risk assessments

  • Participate in technology and security strategy planning processes to ensure identified risks are identified and included in departmental planning

  • Report and escalate outstanding risk findings, as appropriate

  • Record and report security risk data within a Governance Risk and Compliance platform

  • Develop trending reports to identify areas of focus and risk concentration

Requirements:

  • CISSP and/or CRISC preferred

  • Bachelor's degree in a related field and/or a minimum of 5 years of equivalent experience.

  • 5+ years of experience in performance of security risk assessments

  • Experience securing multiple platforms and operating systems

  • Expertise in standard information security concepts

  • An understanding of security frameworks: ISO 2700X, NIST, CIS

  • Understanding of JIRA or Archer will be helpful.

  • Military education or experience may be considered in lieu of civilian requirements listed

To all recruitment agencies: TD Ameritrade does not accept agency resumes without a signed contract and use of the agency portal. Please do not forward resumes to our job alias, TD Ameritrade employees or any other company location. TD Ameritrade is not responsible for any fees related to unsolicited resumes.

At TD Ameritrade, the health and safety of our employees and candidates is our highest priority, and we have recently transitioned the majority of our employees to working from home. While we are still actively recruiting, due to the current situation related to the Coronavirus (COVID-19), we have made some critical changes to our recruiting process that eliminates the need for any face to face contact. As your application progresses, you can expect interviews to be conducted either on the phone or via video conference. Our Talent Acquisition Partners will guide you throughout the interview process and will be on hand to answer any questions you might have.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Director Cyberecurity Governance Risk Management & Compliance 200000Dx Attention Military Veterans
New!

Tech-Connect

Posted Today

VIEW JOBS 6/4/2020 12:00:00 AM 2020-09-02T00:00 <strong>Director, Cybersecurity Governance Risk Management & Compliance – 200000DX </strong><br /> <br /> <strong>Work Location:  Columbus, IN</strong><br />   <br /> <br /> <br /> No, this isn’t one of those ordinary jobs.<br /> We are is a team of dependable, innovative thinkers, who are empowered to generate and deliver solutions for customers, community, and environment. Our employees develop their careers through the challenges only a diverse, global innovator can promise. This is a collaborative culture where thinking beyond your desk is more than part of the job. It is the job.<br /> <em>This is what we call Working Right.</em><br />  <br /> <strong>Description</strong><br /> We are a place big enough to coach and develop a global workforce and create the world’s leading clean, engine technology. We’re also small enough for you to find your fit and personal passion with a team of dependable, innovative thinkers who are developing their careers within a diverse, inclusive, empowering environment.<br /> Seeking a Director of Global Cybersecurity – Governance, Risk Management and Compliance in Columbus, Indiana. A security and risk thought leader experienced in strategy and planning, risk governance and management. The successful candidate will be an integrator of people and processes, a problem solver, an effective consultant and have strong knowledge of information security best business practices and risk management frameworks.<br /> Learn more about this role and how you can begin <em>Working Right</em> .<br /> <br /> <strong>Your impact will happen in these and other ways:</strong> <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Responsible for leading the development of global risk mitigation strategy, road map, tools, resources, and applicable policies.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Sponsors and applies Global Cybersecurity policies and data privacy principles to manage risks related to the use, processing, storage, and transmission of information or data.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Management of technical staff supporting Global Cybersecurity Threat and Vulnerability</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Management, Global technical standards, Global Cybersecurity policy, Cybersecurity policy exceptions, Global Awareness & Training, and Third-party (Vendor) Risk Assessments.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Participate as a key member of a senior level IT Management Team.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Responsible for a significant area within IT from a scope perspective</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Provide input to development of IT Strategies</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Responsible for team financial management including AOP, budget management, and forecasting.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Responsible for People Management including work plan development, performance management, and people development.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Responsible for team building and development including organization structure, recruiting, global team management.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Compile and present Management Reports on team performance including metrics, deliverable status, etc.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Communicate status to senior management – IT and business.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Accountable for Six Sigma training, usage and goal attainment for the team.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Ensure team adherence to all IT processes, policies, and procedures including IT Security.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Responsible of IT Controls compliance for the team Engagement with customers in their respective function or business area.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Governance/Leadership for all program/projects executed or supported by their team</li> </ul> <strong>Experience</strong> <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">5 years of Cybersecurity experience preferred</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">8 years leading teams</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Requires a high level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Leadership ability to attract and retain technical staff is a key skill</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Requires excellent verbal and written communication skills with the ability to influence and manage conflict within and across organizations, functions and business areas</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Working knowledge of NIST Cybersecurity Framework and Global cybersecurity regulatory environment is required</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Significant level of relevant work experience, including managerial and budgetary experience, required</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Broad business knowledge required</li> </ul> <strong>Qualifications</strong><br /> <br /> <strong>Financial acumen -</strong> Interpreting and applying understanding of key financial indicators to make better business decisions.<br /> <strong>Decision quality -</strong> Making good and timely decisions that keep the organization moving forward.<br /> <strong>Ensures accountability -</strong> Holding self and others accountable to meet commitments.<br /> <strong>Drives results -</strong> Consistently achieving results, even under tough circumstances.<br /> <strong>Manages conflict -</strong> Handling conflict situations effectively, with a minimum of noise.<br /> <strong>Develops talent -</strong> Developing people to meet both their career goals and the organization’s goals.<br /> <strong>Builds effective teams -</strong> Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals.<br /> <strong>Communicates effectively -</strong> Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences.<br /> <strong>Project Portfolio Management -</strong> Plans, prioritizes, sequences and manages one or more project portfolios utilizing analysis of portfolio risk and performance (diversification, value assurance assessment, company synergy, alignment, and long-term maintenance) to optimize and prioritize projects and maximize business value.<br /> <b>Strategic Road map Planning -</b> Produces a high-level, multi-year product and capability road map utilizing internal and external business resource, asset and market knowledge and experience to communicate the organization's focus and priorities to internal and external stakeholders.<br /> <strong>Release Planning - </strong>Plans and manages the release of capabilities, features or products using inputs from the prioritized road map, planning, available resources and skills to communicate expected availability and releases of capability.<br /> <strong>Project Resource Management -</strong> Develops resource (expense and headcount) plans using recommended project management tools and processes to manage resources effectively.<br /> <strong>Education, Licenses, Certifications</strong><br /> College, university, or equivalent degree in Information Technology, Business or a related subject required<br /> CISM Preferred<br /> CISA Preferred<br /> <br /> <strong>Compensation and Benefits</strong><br /> Base annual salary commensurate with experience plus annual variable compensation. Additional benefits vary between locations and include options such as our 401(k) Retirement Savings Plan, Cash Balance Pension Plan, Medical/Dental/Life Insurance, Health Savings Account, Domestic Partners Coverage and a full complement of personal and professional benefits.<br />   <br /> <strong>E-verify</strong><br /> We are an equal opportunity and affirmative action employer dedicated to diversity in the workplace. Our policy is to provide equal employment opportunities to all qualified persons without regard to race, gender, color, disability, national origin, age, religion, union affiliation, sexual orientation, veteran status, citizenship, gender identity and/or expression, or other status protected by law.<br />  <br /> We validate right to work using E-Verify.<br /> We will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee’s Form I-9 to confirm work authorization. To learn more about E-Verify, including your rights and responsibilities, please visit <a href="http://www.dhs.gov/E-Verify">www.dhs.gov/E-Verify</a> .<br />  <br />  <br />  <br />  <br />  <br />   Tech-Connect Saint Louis MO

Security Risk Management Senior Analyst - Contract Role

Td Ameritrade