Lead Cybersecurity Analyst
Discover. A brighter future.
With us, you’ll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it — we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.
Come build your future, while being the reason millions of people find a brighter financial future with Discover.
Job Description
The Cybersecurity Assessor will be responsible for conducting cybersecurity assessments on DFS managed systems and technologies, ensuring compliance to DFS Cybersecurity Standards. The Cybersecurity Assessor will be responsible for managing all aspects of the assessment lifecycle and will be expected to contribute to the ongoing development and maturity of the Standards Assurance assessment programs.
What You’ll Do
- Complete cybersecurity assessments on DFS managed systems and technologies, ensuring compliance to DFS Cybersecurity Standards.
- Manage assessment lifecycle beginning to end. Assessment activities include pre-assessment meetings, artifact/evidence collection, assessment workflow management, cybersecurity assessment report generation and documenting risk associated with compliance issues.
- Responsible for assessment program maturity, ensuring assessment-related documentation and activities align with current DFS cybersecurity standards as well as the current threat landscape.
- Contribute to the evolution of the assessment program ensuring alignment with enterprise and BT initiatives (e.g. Project Runway, One Way of Working, etc.).
- The ideal candidate will have good customer focus, a positive attitude and excellent interpersonal, verbal and written communication skills. The candidate must also possess a strong attention to detail.
- Support development and maintenance efforts associated with CSSA and CRC ServiceNow instances.
- Participate in developing the cybersecurity roadmap, and delivering secure systems, cyber applications, technical projects and regulatory and risk requirements ― includes cybersecurity framework, program optimization, vulnerability remediation, metrics reporting, performance analysis, and mitigation of operational risk in a high-velocity culture.
- Provide high-level critical thinking to perform duties related to projects, compliance, metrics, assurance, vulnerabilities, or threats.
How You’ll Do It
- Identify and evaluate potential vulnerabilities and drive the normalization, correlation, and integration of internal and subscription-threat intelligence source.
- Produce actionable intelligence in the form of reports, notifications, alerts, and briefings. Develop mitigation and countermeasure strategies from collected threat intelligence. Recognize security violations and take appropriate action to report each incident, as required.
- Analyze the organization's cyber defense procedures and configurations, and evaluate compliance with regulations and organizational directives.
- Perform in-depth analysis of security issues and/or vulnerabilities.
- Ensure compliance to audit, regulatory, and legal requirements. Build and maintain effective relationships with peers and internal business partners.
- Create effective controls to address security concerns.
- Maintain in-depth knowledge of security trends and threats. Design and develop security solutions and processes consistent with business goals and risk tolerance.
- Provide subject matter expertise for supported cybersecurity technologies.
- Develop metrics and new capabilities to ensure confidentiality, integrity, availability, authentication, and non-repudiation.
- Measure effectiveness of defense-in-depth architecture against known vulnerabilities.
- Engage in reporting risk remediation assurance and automation/integration initiatives, and collaborate with stakeholders, at all levels, to ensure remediation is validated, risk is mitigated, and findings are fully closed/resolved.
Qualifications You’ll Need
The Basics
- Bachelor's degree in information security, Information Technology, business , analytics, or related field
- 4+ years of experience in information security, computer science, data analytics, related certifications. or related field
- In lieu of a degree, 6+ years of experience in information security, computer science, data analytics, related certifications. or related field
Preferred Qualifications:
- Experience working with cybersecurity frameworks (PCI-DSS, NIST, ISO, etc.)
- Experience conducting info sec risk assessments or technology audits
- Prior experience as a cybersecurity practitioner (e.g. – experience in a cybersecurity domain such as network security, access control, cloud security, etc.)
- Industry Cybersecurity certifications (SANS, ISACA, ISC2, etc.)
- Knowledge of public cloud platforms (e.g. AWS)
- Experience with infrastructure software/hardware
- Understanding of Agile development concepts and methodologies
#Remote #BI-Remote #LI-LJ1
What are you waiting for? Apply today!
The same way we treat our employees is how we treat all applicants – with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.