Principal, Security Assurance

  • Competitive
  • Alpharetta, GA, USA
  • Permanent, Full time
  • E Trade Financial
  • 25 May 19

Who We Are

E*TRADE is a leading financial services company and a pioneer in the online brokerage industry. Having executed the first-ever electronic trade by an individual investor more than 30 years ago, the company has long been at the forefront of the digital revolution, offering easy-to-use solutions for individual investors and stock participants. Founded on the principle of innovation and determined to level the playing field for individual investors, E*TRADE delivers digital platforms, tools, and professional assistance to help investors and traders meet their near- and long-term investing goals. The Company provides these services both online and through its network of customer service representatives and financial consultants - over the phone at two national branches and in-person at 30 E*TRADE branches.

About the Role

The Principal, Information Security Assurance is a key member of the Information Security Assurance team and is responsible for managing and reporting on security compliance programs in a manner that meets corporate, legal and regulatory requirements. The Principal, Information Security Assurance is also responsible for the creation and maintenance of the Information Security Assurance Program documentation.

This position requires a strategic thinker with strong collaboration skills, detailed working knowledge of compliance best practices, and familiarity with implementing programs for maintaining compliance in a highly regulated business environment. The Principal, Information Security Assurance must be highly knowledgeable about the business environment and must ensure that information systems are proactively maintained in a fully functional, compliant mode.

RESPONSIBILITIES

  • Define, implement and monitor the Information Security Assurance program as well as continuous control monitoring. This includes performing activities and testing related to database governance and configuration management testing.
  • Manage the Information Security controls baseline and controls maturity model
  • Communicate and ensure programs are in compliance with applicable laws, regulations, policies, and standards
  • Coordinate with IT Leadership Team, First and Second Line Risk Teams, and Internal Audit to facilitate key compliance processes and identify acceptable levels of risk
  • Collaborate with executive management and department leaders to assess near- and long-term Information Security compliance needs
  • Serve as subject matter expert to internal business and technology teams on a range of compliance standards as influenced by regulatory mandates (e.g. GLBA, SOX 404, HIPAA, etc.) and industry best practices (e.g. NIST CSF, ISO 27001 and 27017, ITIL, COSO, COBIT, etc.)
  • Participate in key initiatives as the subject matter expert to ensure alignment with Information Security programs and initiatives


Qualifications

BASIC QUALIFICATIONS
  • Minimum of 5 years of experience in Information Security, Internal Audit and/or IT Risk Management functions
  • Minimum of 5 years of experience with managing IT, Internal Audit or Information Security compliance programs
  • Minimum of 4 years of DBA experience or experience with database governance / management
PREFERRED QUALIFICATIONS
  • Minimum of 5 years of experience with IT and information security best practices
  • Minimum of 5 years demonstrating technical abilities across a broad range of technologies: Windows, Linux, relational databases (Oracle, MS SQL, etc.), firewalls, routers, mobile devices, virtualization and cloud computing
  • Minimum of 4 years of experience with information security risk, governance, and control frameworks such as ISO/IEC 27000 series, NIST CSF, CSA CCM and PCI DSS
  • Minimum of 2 years of project management and organizational skills, specifically managing multiple, concurrent projects
  • Bachelor's or Master's Degree in Information Systems, Computer Science or related discipline is highly desired.
  • CISSP, CISA, CISM or CRISC certification is highly desired
  • A minimum of 4 years in the following areas:
    • Exhibiting strong interpersonal, written, and oral communication skills
    • Working as a self-motivated and directed professional, with keen attention to detail
    • Displaying excellent analytical, problem-solving and decision-making abilities
    • Effectively prioritizing tasks in a high-pressure environment
    • Providing strong customer service and solution-focused orientation
    • Working in a team-oriented, collaborative environment

We offer a competitive and comprehensive benefits package. Please visit https://www.etradecareers.com/why-work-at-etrade/employee-benefits/ to learn more about the opportunities.

E*TRADE Financial is an Equal Opportunity Employer who encourages diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, age, disability, citizenship, marital status, sexual orientation, gender identity, military or protected veteran status, or any other characteristic protected by applicable law.