The goal of this position is to partner closely with first-line Technology areas to identify, assess, prioritize, mitigate, and report on information security and technology risks. This position provides highly skilled IS/IT expertise for the development and implementation of the IS/IT risk management and compliance program.
Responsibilities require leadership and project management experience, as well as the ability to ensure effective system-wide analysis, standards, testing, risk assessment, awareness, education, and development of policies, standards, and guidelines. This position contributes to the overall Risk Management Program's goal of maintaining and increasing resiliency by identifying, assessing, and preparing for any internal and external factors and risks that could interfere with reaching Credit One Bank's goals and objectives.
Essential Job Functions:
- Evaluate risk and control identification within key processes and perform gap assessments on control coverage.
- Respond to internal and external audits, regulatory exams, and requests for information and provide review & challenge of any line of business responses to internal and external audits.
- Demonstrate In-depth practical knowledge of internal controls, RCSAs, risk assessments, and operational and compliance processes, and applicable techniques for implementation of compliance and legal requirements and operational processes.
- Manage workflows and task assignments to ensure timely completion of work.
- Think strategically coupled with the ability to drive to execution.
- Apply an execution-oriented, process efficiency, and continuous improvement mindset.
- Strong understanding and working knowledge of information technology, information security, and development governance frameworks, standards, and regulation.
- Perform other duties as assigned.
- 5 to 7 years of information technology risk experience including information security technology skills and expertise.
- 5 to 7 years participating in information technology and information security audits examinations.
- A self-starter, able to work under general supervision. Comfortable working with inter-related infrastructure, software development, and information security risk issues.
- Demonstrated knowledge of information security and information technology risk management frameworks and compliance practices and/or software development risk management frameworks and compliance practices
- Knowledge of information technology, software development, and information security controls.
- Ability to develop security policies, standards, and guidelines based on best practices and industry frameworks.
- Excellent interpersonal, communication, and presentation skills, including formal report writing experience.
- Understanding of common security standards and regulations relating to a financial services environment such as PCI-DSS, NIST CSF, Center for Internet Security (CIS), MITRE ATT@CK., ISO 27000, Agile, etc.
- Familiarity with Microsoft Office tools such as Excel, Teams, and the proven ability to learn how to use other unique technologies.
- Well-versed with financial service industry legal and regulatory requirements.
- Possess intellectual curiosity and a passion for seeking to understand.
- Strong attention to detail, highly organized
- PCI-DSS, NIST, COBIT, CSF, Center for Internet Security (CIS), Agile, etc.
- Comfortable working alone as well as in a team.
- Comfortable with public speaking across various forums and be able to effectively and logically communicate when ideas are being challenged in an open forum.
- Good knowledge and experience in both information technology/security risk management and controls assurance.
- A Bachelor’s degree in Computer Science, Information Technology, Software Development, Finance, or another related field
- Information Technology, Information Security governance, risk, and/or compliance experience in financial services or federal/state/local government including documenting risk and compliance activities.
- Experience participating in information technology, information security, and/or software development audits and risk assessments.
- Experience working in the financial services industry and or a second-line oversight function for a financial institution.
Credit One Bank, N.A. is a data-driven financial services company based in Las Vegas. Founded in 1984, Credit One Bank offers a spectrum of credit card products for people in all stages of financial life. Credit One Bank is an equal opportunity employer committed to diversity and inclusion and does not discriminate against any employee or applicant for employment because of age, race, religion, color, disability, sex, sexual orientation, or national origin. Reasonable accommodations can be made for those who require them, including access to job applications and workplace accommodations. Employment at Credit One Bank is based on mutual consent (also known as at-will). This means that employees and the Bank may terminate the employment relationship at any time, with or without cause and with or without notice. Please contact the recruiter for this position to learn more. Credit One Bank does not accept unsolicited resumes from agencies and is not responsible for related fees.