Information Security Analyst- International Bank

International Bank is seeking an Information Security Analyst who will perform duties related to 3rd Party Risk Management, and Operational Risk Management. This position will assist the CISO to manage and maintain the 3rd Party Riks Managment Program and will act a backup to perform Information Security duties as well.3rd Party Risk ManagementAssist in the development and maintenance of the 3rd Party Risk Management ProcedureManage and maintain the 3rd Party processes including but not limited to regulatory expectations, risk assessments, gap analysis and processConduct periodic evaluations and assessments of 3rd Party vendors including the on-boarding and off boardingMaintain and conduct periodic 3rd party awareness training to keyPrepare key metrics for Management and Committee reporting.Assist in preparing audit materials as requested by the Internal AuditOperational Risk and Regulatory ReportingEnhance the Branch's operational risk managementReview RCSA of each group of the Branch upon changes and make challenges including annual review which involves analysis and aggregation of the RCSAResponsible for tracking record of Operational Risk Reporting in the Branch so that the Branch can monitor and analyze the operational risk incidents as well as confirm the preventiveEngage in identifying, measuring, reviewing, aggregating monitoring, or controlling operational risks within the risk appetite for US operations independently from the businessReport the Branch's operational risk management to Branch senior management, IT & Operational Risk Committee, Branch Oversight Committee and US Risk Committee (the "USRC") to reviewHelp USCRO to oversee the activities of CRM who serve as the risk management function for the Branch and determine key risk indicators to be monitored on a regular basis and to ensure that the Branch's business activities are performed within the US riskProduce a monthly report that summarize the status of operational risk incidents and commentary that includes the result of quarterly RCSA checking to senior management on a monthlyInformation SecurityAct as a secondary/back-up to perform Information Security tasks, reviews and user administration.Requirements Bachelor's degree in Information Security, Computer Science or related fieldKnowledge of 3rd Party RiskKnowledge/experience of Operational RiskKnowledge of Windows, Windows servers including active Directory and AS400Knowledge of security tools such as Anti-Virus, Vulnerability Scanner and SIEMIn-depth understanding of Information Security Administration.Professional Security certification not required but aKnowledge of information security related topics such as FFIEC, NYDFS Part500, ISO 270XX,

Created: 2025-01-14