Lead Cybersecurity Compliance Analyst
Job Description
At Discover, be part of a culture where diversity, teamwork and collaboration reign. Join a company that is just as employee-focused as it is on its customers and is consistently awarded for both. We’re all about people, and our employees are why Discover is a great place to work. Be the reason we help millions of consumers build a brighter financial future and achieve yours along the way with a rewarding career.
This role must be able to understand Cybersecurity standards and how to test systems for compliance to security controls. The candidate must be self motivated, able to relate well to managers, staff and peers and have strong written and verbal communication skills. The candidate must have strong project management skills and an understanding of Agile development lifecycle. The candidate needs to be able to recognize obstacles and proactively find a way around them. The candidate must be able to operate according to plan and also think creatively about how to improve processes. The candidate must have excellent problem-solving skills and be able to multi-task.
Responsibilities
- Understand impact of Cybersecurity standards on systems’ operations.
- Test systems for compliance to cybersecurity controls.
- Evaluate security risks, collect business and technical evidence
- Oversee the collection of artifacts required to demonstrate complaince and be able to clearly document how a security risk has been remediated.
- Communicate with stakeholders to gain community support for activities and solicit input to improve process.
- The ideal candidate will have good customer focus, a positive attitude and excellent interpersonal, verbal and written communication skills.
- Understand security risks and preventative measures
- Identifies and evaluates potential vulnerabilities and drives the normalization, correlation, and integration of internal and subscription-threat intelligence source. Produces actionable intelligence in the form of reports, notifications, alerts, and briefings. Develops mitigation and countermeasure strategies from collected threat intelligence. Recognizes security violations and take appropriate action to report each incident, as required. Analyzes the organization’s cyber defense procedures and configurations, and evaluates compliance with regulations and organizational directives.
- Performs in-depth analysis of security issues and/or vulnerabilities. Ensures compliance to audit, regulatory, and legal requirements. Builds and maintains effective relationships with peers and internal business partners. Creates effective controls to address security concerns.
- Maintains in-depth knowledge of security trends and threats. Designs and develops security solutions and processes consistent with business goals and risk tolerance. Provides subject matter expertise for supported Cybersecurity technologies.
- Develops metrics and new capabilities to ensure confidentiality, integrity, availability, authentication, and non-repudiation. Measures effectiveness of defense-in-depth architecture against known vulnerabilities. Engages in reporting risk remediation assurance and automation/integration initiatives, and collaborates with stakeholders, at all levels, to ensure remediation is validated, risk is mitigated, and findings are fully closed/resolved.
Minimum Qualifications
At a minimum, here’s what we need from you:
- Bachelor’s Degree in Information Security, Computer Science, Business Administration, Data Analytics, or related field
- 4+ years of experience in Information Security, Computer Science, Business Administration, Data Analytics, or related field
- In lieu of a degree, 6+ years of experience in Information Security, Computer Science, Business Administration, Data Analytics, or related field
Preferred Qualifications
- Project Management
- Agile development lifecycle – Definitions of Done, User Stories, Test Criteria
- Problem Resolution
- MS Office, Project, Visio and ServiceNow
- Interpret System Dataflows and Network Topology
- System Security
- Infrastructure Systems
- Cybersecurity Frameworks
#LI-LJ1
The same way we treat our employees is how we treat all applicants – with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.