Risk and Security Analyst - level III
Company: Capital Group
Location: New York
Posted on: February 15, 2025
Job Description:
"I can succeed as a Technology Risk and Security Analystat
Capital Group."The Technology Risk organization is responsible for
the implementation of an effective Technology and Security risk
management framework that partners with various lines of defense
and stakeholders in the organization. The role is a strategic role
within the Chief Information Security Officer (CISO) organization
to drive the achievement of our strategic plan for risk
management.This role presents significant intellectual and
technical challenges with tremendous opportunity for business
impact. Leveraging new and emerging technologies is key to Capital
Group realizing its long-term strategic objectives and identifying
the risks these new technologies present to Capital Group and
finding ways to adequately eliminate or mitigate these risks will
be both challenging and immensely rewarding. A key part of the role
will be collaborating withother internal risk functions to support
evaluations of the effectiveness of Capital's technology policy and
controls infrastructure, as well as providing external auditors and
regulatory examiners with the materials necessary to conduct their
work.As a Technology Risk and Security Analyst, you will be
responsible for contributing to the overall work efforts that
identify, assess, track remediation efforts, and manage technology
related risks across Capital Group. You will be a key member of the
Technology Risk Team, and you will serve as anadviser to business
areas on their security and technology risks.Responsibilities:
- Governance, Risk and Control Assessments
- Support oversight of the following risk and control
capabilities:
- IT and security policies, standards, and procedures
management
- Threat identification and risk assessment
- Metrics and reporting
- Testing and external assurance oversight
- Remediation management
- Support first and second line of defense risk functions and
relevant governance committees and other stakeholders as
appropriate to develop the technology risk management agenda.
- Support the design and implementation of best practices and
technology risk management frameworks across the Information
Technology Group (ITG).
- Help establish and contribute to the application of Technology
risk policies, and governance processes to create lasting solutions
for minimizing losses from failed internal processes, inadequate
controls, and emerging risks.
- Assess' risks and drive actions to address the root causes that
persistently lead to operational/technology risks losses by
challenging both historical and proposed practices.
- Review control exception requests and ensure risk mitigation or
acceptance strategies are appropriate with input from your
manager.
- Provide advisory services to technology and business teams on
technology risk and control matters pertaining to projects on firm
initiatives and projects.
- Enable the creation of and distribution of actionable risk
metrics and reports.
- Facilitate collaboration for risk analysis, remediation scoping
and prioritization, reporting and engagement with stakeholders to
enable oversight and effective risk decision making.
- Support the design and implement the collection and reporting
of key risk and control metrics.
- Support the technology risk governance committee as well as
other risk committees in the organization to establish a shared
view of risk.
- Monitor for emerging risks; recommend and implement mitigation
strategies to address those risks."I am the person Capital Group is
looking for."
- You have a bachelor's degree in IT, risk and security
management, computer science or related field.
- You have at least 5-7 years of technology risk and security
management experience successfully identifying, assessing, and
mitigating technology risks in a complex, fast paced
environment.
- You have experience managing technology risk for infrastructure
environments at an enterprise scale (e.g., Information Security,
Cyber Security, Security Operations, Governance, etc.).
- You have experience supporting technology risk programs.
- You have expertise supporting the management of risks
associated with agile software engineering practices, use of public
cloud environments and big-data analytics.
- You've worked with internal risk and security teams, auditors,
and regulatory examiners.
- You have superior analytical skills and demonstrated success
identifying and solving ambiguous risk related problems.
- You have proven ability to balance risk mitigation proposals
with business objectives and always do what is in the client's best
interests.
- You have experience designing and implementing processes to
identify, assess and test key technology and information security
controls.
- You have the ability to operate with a limited level of direct
supervision.
- You can exercise independence of judgement and
autonomy.Southern California Base Salary Range:
$108,135-$173,016San Antonio Base Salary Range: $88,896-$142,234New
York Base Salary Range: $114,629-$183,406In addition to a highly
competitive base salary, per plan guidelines, restrictions and
vesting requirements, you also will be eligible for an individual
annual performance bonus, plus Capital's annual profitability bonus
plus a retirement plan where Capital contributes 15% of your
eligible earnings.You can learn more about our compensation and
benefits .* Temporary positions in Canada and the United States are
excluded from the above mentioned compensation and benefit plans.We
are an equal opportunity employer, which means we comply with all
federal, state and local laws that prohibit discrimination when
making all decisions about employment. As equal opportunity
employers, our policies prohibit unlawful discrimination on the
basis of race, religion, color, national origin, ancestry, sex
(including gender and gender identity), pregnancy, childbirth and
related medical conditions, age, physical or mental disability,
medical condition, genetic information, marital status, sexual
orientation, citizenship status, AIDS/HIV status, political
activities or affiliations, military or veteran status, status as a
victim of domestic violence, assault or stalking or any other
characteristic protected by federal, state or local law.
Keywords: Capital Group, New York , Risk and Security Analyst - level III, Professions , New York, New York
Didn't find what you're looking for? Search again!
Loading more jobs...