Security Assurance Specialist
Who We Are
More than 30 years ago, E*TRADE pioneered the online brokerage industry by executing the first-ever electronic individual investor trade. While the landscape of our industry has changed dramatically, our culture of innovation and drive to make online trading accessible to everyone continues to drive us forward. We believe in challenging the status quo, fostering an environment of curiosity and learning, and, above all, putting our customers first.
About the Role
The Security Assurance Specialist is a key member of the Cyber Risk Management team and is responsible for managing and reporting on risk programs related to cyber and information security in a manner that meets corporate, legal and regulatory requirements. The Security Assurance Specialist is also responsible for supporting the continuous development of the Cyber Risk Management framework, processes and related documentation.
This position requires strong collaboration skills, detailed working knowledge of IT and information security and risk management best practices, and familiarity with executing enterprise-wide programs in a highly regulated business environment. The Security Assurance Specialist must be highly knowledgeable about the business environment and must ensure that risks to information assets are proactively managed within the risk appetite.
Primary Responsibilities and Activities:
- Performs risk assessments based on the defined cyber risk framework including risk assessments for third parties (vendors)
- Communicates and ensures IT and information security risks are managed in compliance with applicable laws, regulations, policies and standards
- Coordinates with IT Leadership Team, First and Second Line Risk Teams, and Internal Audit to facilitate key risk management processes and identify acceptable levels of risk
- Collaborates with executive management and department leaders to assess risk posture and concerns
- Serves as subject matter expert to internal business and technology teams on a range of risk management activities and industry best practices
- Participates in key initiatives as the subject matter expert to ensure alignment with IT and Information Security programs and initiatives
Qualifications
Minimum Required:
- Minimum 3-5 years' experience in Information Security and/or IT Risk Management functions and in the following areas:
- Proven experience with IT and Information Security best practices.
- Technical abilities across a broad range of technologies: Windows, Linux, relational databases (Oracle, MS SQL, etc.), firewalls, routers, mobile devices, virtualization and cloud computing.
- Knowledgeable about information security risk, governance, and control frameworks such as ISO/IEC 27000 series, NIST CSF, CSA CCM and PCI DSS.
- Proven project management and organizational skills, specifically managing multiple, concurrent projects
- Strong interpersonal, written, and oral communication skills
- Highly self-motivated and directed professional, with keen attention to detail
- Excellent analytical, problem-solving and decision-making abilities
- Able to effectively prioritize tasks in a high-pressure environment
- Strong customer service and solution-focused orientation
- Experience working in a team-oriented, collaborative environment
- Bachelor's or Master's Degree in Information Systems, Computer Science or related discipline is highly desired.
- CISSP, CISA, CISM or CRISC certification is highly desired
We offer a competitive and comprehensive benefits package. Please visit https://www.etradecareers.com/why-work-at-etrade/employee-benefits/ to learn more about the opportunities.
E*TRADE Financial is an Equal Opportunity Employer who encourages diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, age, disability, citizenship, marital status, sexual orientation, gender identity, military or protected veteran status, or any other characteristic protected by applicable law.