Job added in hotlist
Applied job
Contract job
Recruiter job
Employer job
Expanded search
Apply online not available
View more jobs in Omaha, NE
View more jobs in Nebraska

Job Details

IT Security Risk amp Compliance Analyst II

Company name
First National Bank of Christiansburg, The, Inc

Omaha, NE

Apply for this job

5 hit(s)  


Job DescriptionCompany Overview:With over 20 years in the managed IT services industry, First National Technology Solutions (FNTS) is a leading provider of flexible, customized hosted and remotely managed services. Operating a state-of-the-art data center and offering customized solutions and best-of-breed technology, FNTS is a nationally recognized leader in managed IT services. With a classic Midwest culture, FNTS employs an expert team who place high value on work ethics and personalized customer service. FNTS is a subsidiary of First National of Nebraska Inc. (FNNI), a $20 billion multi-state holding company headquartered in Omaha, Nebraska, with a strong heritage of banking excellence that dates back more than 150 years.Overview: FNTS is seeking an experienced and motivated self-starter to join our team as an IT Security Risk & Compliance Analyst II. The ideal candidate is driven by identifying and reducing organizational risks through the compliance and governance program to ensure the organization meets requirements. This position functions as a team member in the FNTS Information Security Department, reporting to the Sr. Director. The Analyst II assists with the successful completion of annual audits including, but not limited to: PCI-DSS, SSAE 18 SOC 2, FFIEC, HIPAA, CSA, and GDPR. The Analyst II will also lead the review\/creation of procedures, implementation of processes, enforcement of computer system security configurations and solutions across internal and client environments in order to ensure the protection of confidential information. The Analyst II will also be instrumental in the maturation of an internal control testing framework, implementing and maintaining the eGRC solution, and assist performing various risk assessments. Other responsibilities include assessing IT risks, evaluating controls, designing appropriate IT audit testing and staying abreast of the changing compliance\/governance landscape. Key Responsibilities: Serve as a lead or primary point of contact for company audits including, but not limited to: PCI-DSS, SSAE 18 SOC 2, FFIEC, HIPAA, CSA, & GDPRAssist with the maturation of the governance and compliance program and common control testing framework(s)Execute compliance-related audits at supervisor's direction, lead\/plan testing and compile evidenceAdvise on updated laws, regulations and frameworks that have the potential to impact the governance and compliance programWork closely with external\/internal audit and multiple internal technical teams to gather audit evidenceEvaluate and determine control effectiveness (design and operating)Maintain the eGRC solutionDevelop and maintain quarterly audit updates\/reportingExplain complex information to others, including new controls, requirements and evidence materialProvide audit guidance and respond to customer inquiries, as neededAssist with documenting and reporting actual or potential information security violationsProvide governance and compliance consulting to the business, and recommend steps to mitigate potential exceptionsRevise and update security policies and standards documentationSolve problems in straightforward situations and within guidelinesMonitor systems for compliance to Information Security Policy and StandardsServe as a compliance resource and fully understand Company goals and department accountabilities.Other duties as assignedJob QualificationsJob Qualifications: Candidates should have a deep understanding of information security concepts and controls, as well as conducting audits and assessments in conjunction with external\/internal audit. Ideal candidates will have experience performing PCI-DSS, SSAE 18 SOC 2, HIPAA, FFIEC, CSA, and\/or GDPR audits. Candidates without a security certification will be seriously considered, if technical and information security experience can be demonstrated.2 years professional experience performing one or more of the following audits: PCI-DSS, SSAE 18 SOC 2, HIPAA, FFIEC, CSA or GDPR2 years professional experience working in a technical team environmentExperience and ability to develop policies or procedures to support an organization's information security and compliance programExperience with an eGRC or reporting tool, such as Archer, LockPath, OnSpring or equivalent.Ability to support information security regulatory and policy compliance activities (knowledge of SSAE 18 SOC 2, HIPAA, NIST, COBIT, ISO, PCI-DSS, FFIEC, GDPR, and other applicable laws, regulations, and rules)Experience with Windows and Linux operation systemsStrong analytical and troubleshooting skillsAbility to organize and prioritize the workload by handling multiple projects simultaneously while being able to deal with frequent interruptions and a high pressure environmentSelf-motivated, innovative, and high degree of initiative. Ability to work independently with minimal supervision and directionMust have effective verbal and written communication skillsBachelor's degree in Computer Science, MIS, Information Assurance, or other technology-related field or equivalent number of years of experiencePreferred Qualifications: One or more information security certifications GIAC, CRISC, CISSP, PCI-ISA\/PCIP, CCSP, CISA, CHP, Security , or other security certificationsAn understanding of a wide array of enterprise grade environments, applications and tools, including but not limited to: Microsoft Server, RHEL, Azure, AWS, SharePoint, Active Directory, Shavlik, SQL, RSA, and othersExperience auditing\/maintaining compliance\/governance in a multi-tenant service provider environment, including knowledge of cloud deployments: private, public, and hybridExperience with greenfield environments and zero-trust principle implementation and enforcementKnowledge of one or more language: Bash, PowerShell, Python, Perl, or equivalentUnderstanding of network architecture and implementationExperience performing audits with multiple technologies, including but not limited to:Windows, Linux, IBM z\/OS, IBM AS400, Cisco, CheckPoint, VMWare, NSX\/ACI, and EMC

Company info

First National Bank of Christiansburg, The, Inc

Company Profile

Similar Jobs:
Job Description: Why chose First Data? First Data is a global leader in commerce-enabling technology solutions, serving more than six million business locations and 4,000 financial institutions in 118 countries around the world. O...
Information Technology Intern
location Omaha, NE
\r\n\r\n\r\n\r\nThis position is not open to candidates needing sponsorship at any point in the future.\r\nAre you currently pursuing a computer-related degree at an accredited college or university?Would you like to supplement yo...
Essential FunctionsInterprets design documents, completes analysis and creates designs on simple tacticals under general supervisionConducts design walk throughs on own workCodes, tests, and debugs moderately complex programming p...
EmploymentCrossing provides an excellent service. I have recommended the website to many people..
Laurie H - Dallas, TX
  • All we do is research jobs.
  • Our team of researchers, programmers, and analysts find you jobs from over 1,000 career pages and other sources
  • Our members get more interviews and jobs than people who use "public job boards"
Shoot for the moon. Even if you miss it, you will land among the stars.
ComplianceCrossing - #1 Job Aggregation and Private Job-Opening Research Service — The Most Quality Jobs Anywhere
ComplianceCrossing is the first job consolidation service in the employment industry to seek to include every job that exists in the world.
Copyright © 2018 ComplianceCrossing - All rights reserved. 21