Full-Time IT Security Governance and Regulatory Analyst III
Job Description
Black Knight is the premier provider of integrated technology, services, data and analytics that lenders and servicers look to first to help successfully manage the entire loan life cycle. Our deep understanding of regulatory and compliance issues complements the knowledge, technology and solutions we offer to help our clients achieve their business goals. Black Knight offers leading software systems; data and analytics offerings; and information solutions that facilitate and automate many of the business processes across the mortgage life cycle.
JOB FAMILY DESCRIPTION
Validates security Policy, Standards and regulatory requirements are met across the business while ensuring the company and its systems are protected from security threats. Evaluates security controls to ensure effectiveness and compliance with the information security program and regulatory requirements; manages security control remediation efforts; and supports internal and external information security related audits.
GENERAL DUTIES & RESPONSIBILITIES
* Works collaboratively with corporate compliance, internal auditing and corporate risk management and various technical teams in the design and implementation of audit, risk assessment and regulatory compliance practices for the enterprise.
* Provides oversight regarding audit, regulatory and risk management activities across technical functional areas, such as the development and maintenance of regulatory documentation (e.g., FFIEC IT Examination Handbook InfoBase, NIST Standards).
* Helps to manage and enforce NIST standards for the enterprise.
* Assists with Information Security Office regulatory engagements.
* Supports SOC reports and/or assess Vendor and Client contracts for Security Risks.
* Leads, develops and maintains the technical risk and security compliance management strategy.
* Develops and maintains Policy, Standards, processes and procedures to assess, monitor, report, escalate and remediate technical risk and security compliance related issues.
* Directs technical functional teams in the development, implementation, monitoring and reporting of control processes, documentation and compliance routines.
* Advises business executives on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems.
* Educates IT and business executives on appropriate mitigation strategies and approaches.
* Coordinates the technical component of both internal and external audits, federal and state examinations.
* Performs other related duties as required.
EDUCATIONAL GUIDELINES
* Bachelor’s degree in Business Administration, Finance, or a related discipline; or the equivalent combination of education, training and work experience.
GENERAL KNOWLEDGE, SKILLS & ABILITIES
* Proven ability to affect change and redesign programs and processes
* Knowledge of the Financial Services, Software or Fintech industry a plus
* Understanding of NIST standards preferred
* Knowledge of FFIEC or other applicable regulatory agencies a plus
* Understanding of GLBA and other consumer financial law requirements a plus
* Knowledge of eGRC tools such as RSA Archer is a plus
* Ability to solve problems and recommend process improvements (move up)
* Ability to ask questions, develop a thorough understanding and write messaging and marketing materials that articulate and highlight the value of our solutions (move up)
* Understanding of Operational Risk and monitoring tools a plus
* Knowledge of Enterprise Risk models and tools as well as a good understanding of Enterprise Risk framework a plus
* Experience working with a diverse range of data sources/streams and managing these effectively
* Strong knowledge of infrastructure, key processes, and technology-oriented risk issues, specifically around security and privacy a plus
* Ability to prioritize work while satisfying customer needs/concerns and representing the company’s best interest
* Ability to establish and maintain effective working relationships with employees, customers and public
* Excellent verbal and written communication skills to technical and non-technical audiences of various levels within Black Knight or outside the organization (executives, regulators, clients, etc.)
* Experience working with a project management system a plus
Security Governance & Regulatory Analyst III
Advanced professional level role. Works independently on multiple security policies and regulatory requirement projects as a project team member, more frequently as a project leader. Works on large, complex security policies and regulatory requirements analysis projects that require increased skill. Requires knowledge of risk and IT security methodologies and techniques. Primarily focuses on risk security governance and regulatory requirements, but may be involved in developing strategies, management of projects and more complicated issues. May coach more junior staff. Typically requires six (6) or more years of relevant work experience.
Black Knight is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origi n, disability, age, and protected veteran or military family status. Our employees’ diversity is our strength, and when we embrace our differences, it makes us better and brighter. Black Knight’s commitment to inclusion is at the core of who we are, and motivates us in how we do business each and every day.
How to Apply
Application URL: http://www.aplitrak.com/?adid=cmZsYWdnLjEzMjY1LjEwNTk0QGJsYWNra25pZ2h0ZmluLmFwbGl0cmFrLmNvbQ390 total views, 0 today