Junior Security Advisor
- Jersey City, NJ, USA Jersey City NJ US
- Permanent, Full time
- New York Life Insurance Company
- 18 Aug 18 2018-08-18
Junior Security Advisor
Alternate locations: Atlanta, GA (Georgia); Clinton, NJ (New Jersey); Jersey City, NJ (New Jersey)
New York Life Insurance Company is the largest mutual life insurance company in the United States. Founded in 1845 and headquartered in New York City, New York Life reported 2017 operating earnings of $2.06 billion. Total assets under management at year end 2017, with affiliates, totaled $586 billion.
New York Life holds the highest possible financial strength ratings currently awarded to any life insurer from all four of the major ratings agencies: A.M. Best, A++; Fitch AAA; Moody's Aaa; Standard & Poor's AA+ (Source: Individual independent rating agency commentary as of 8/1/17).
Financial strength, integrity and humanity-the values upon which New York Life was founded-have guided the company's decisions and actions for over 170 years.
The security advisor associate (SecAdv) is responsible for ensuring that the design of business solutions meets security and compliance mandates. The SecAdv partners with stakeholders across the organization and in the Information Security Risk area to securely achieve the functional requirements of business initiatives.
- Work closely with Chief Information Security Officer, enterprise architecture, line of business technical teams, risk management, infrastructure, compliance, and operations teams.
- Review proposed and existing applications, infrastructure and process to, identify design gaps, and recommend security enhancements.
- Participate in solution architecture design; support security efforts assisting with the integration and implementation of solutions.
- Support the Security Exception process by being a subject matter expert.
- Support Information Risk, as a subject matter expert to review and document risks, define risk treatment plans, and determine when the plan meets the standards and needs of New York Life.
- Be able to define compliance on requirements, including: Sarbanes-Oxley, HIPAA/HITECH, New York State DFS, global data privacy requirements, as well as state and federal regulations.
- Serve as information security subject matter expert, trusted advisor; provide advisory and consulting services as needed.
- Understand current as well as emerging security threats and design security solutions to mitigate threats where possible.
- Stay familiar with new security technologies and integrate into security architecture design when appropriate.
Desired skills and experience
- Minimum of 2 years of hands-on technical information security experience.
- Previous consulting, sales, or direct engineering experience is ideal
- Broad knowledge of security principals and technologies.
- Bachelor's degree in computer science, MIS, or related field preferred.
- Experience designing and implementing security solutions into larger IT projects ideal
- Strong, problem-solving skills and ability to identify, analyze, and resolve problems, driving solutions through to completion. Ability to translate complex technical information across all levels of the organization.
- Some familiarity with ISO 27000 Security policy and controls is ideal.
- Good written and verbal business English.
- Good presentation skills.
- Good facilitation skills and a clear ability to build strong relationships with business stakeholders at all levels, vendors.
- Ability to work effectively with a team, delivering high performance and customer satisfaction in a global, matrix-management environment.
- Ability to translate business drivers and priorities into security design.
- Energy and a clear passion for the role.
- Demonstrated personal values aligned with the corporate values.
- Willingness to travel internationally, with experience of dealing with different nationalities and cultures.
- Willingness to learn new technologies and integrate with older technologies.
- Experience with contract language in the context of security is ideal.
- Experience with Supplier Risk issues is ideal
Roles, skills, and attributes desired
- CISSP-ISSAP or SANS GIAC certifications are ideal.
- Familiarity with Payment Card Industry Standards (PCI) helpful
- Familiarity with SOX controls is helpful
If you have difficulty using or interacting with any portions of this Web site due to incompatibility with an Assistive Technology, if you need the information in an alternative format, or if you have suggestions on how we can make this site more accessible, please contact us at: (212) 576-5811.