Lead Information Risk Management Analyst at Discover
Discover. A brighter future.
With us, you’ll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it — we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.
Come build your future, while being the reason millions of people find a brighter financial future with Discover.
Job Description
Responsible for managing Information Risk Management (“IRM”) Policies and Standards and for ensuring the alignment of Company’s policies and standards with industry frameworks (such as NIST CSF) and regulations (such as GLBA).
· Ensure that Technology, Fraud, Data and Information Security policies and standards at the Company stay commensurate with evolving threats and regulatory guidance by providing timely creation, maintenance, enhancements and retirement of documents.
· Be the primary point of contact for IRM-managed policies and standards.
· Create and facilitate constructive discussions and healthy debate with business partners on critical decisions around security governance.
· Identify critical areas of potential information risks and opportunities within Discover’s business processes, computer resources and information assets.
· Build constructive and collaborative partnerships/relationships across the businesses and functions to standardize development, maintenance, transition and retirement of IRM-managed Policies, Standards and Control Standards, and reframe the way business partners view information risk in their business and promote it as a value proposition.
· Maintain an Integrated Requirements Library that maps Company’s policies and standards with Authoritative Sources such as industry frameworks (NIST CSF) and regulations (GLBA).
· Ensure that Control Standards are added, revised, maintained or retired in the GRC Platform (RSA Archer) to reflect evolving changes to Policies and Standards.
· Provide timely recommendations, support and advice on Integrated Requirements Library to technology implementation teams and collaborate with Company’s Archer Team to ensure proper application of Subject Matter Expertise towards Enterprise GRC Platform.
· Ability to create and facilitate presentations to a variety of audiences, including senior leadership.
· Identify and understand issues, problems and opportunities as applied to risk governance, compare information from disparate sources and draw conclusions, develop and evaluate solutions, solve problems and recommend a course of action.
At a minimum, here’s what we need from you:
· Bachelor's Degree in Business, Communications, Risk Management, IT or related field
· 2+ years of experience in Financial Services, Operations Strategy/Execution, Technical Writing, Cybersecurity, Information Security, Risk Management or related field
· In lieu of a degree, 4+ years of experience in Financial Services, Operations Strategy/Execution, Technical Writing, Cybersecurity, Information Security, Risk Management or related field
If we had our say, we’d also look for:
· Familiarity with industry standards such as NIST CSF, PCI DSS, RMF, COBIT and regulations such as SOX, GLBA
What are you waiting for? Apply today!
The same way we treat our employees is how we treat all applicants – with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.