Lead IT Security Analyst

Position Title

Location

Job Summary

Job Responsibilities:

JOB RESPONSIBILITIES

• Working directly with Information Security leaders to consolidate operational Information Security metrics to create CISO Dashboards to show the health of the security program.
• In collaboration with the CISO, the Lead Security Analyst will develop Information Security Program Routines and deliverables and lead update meetings.
• Manages the operational aspects of cybersecurity efforts and coordinate the evaluation, update and alignment of Policy, Standards and Procedures to regulatory requirements.
• Completes initial review of project and other artifacts and review with CISO prior to handoff for quality assurance.
• Act as the Information Security liaison with the Program Management Office to track project status and ensure teams are completing work packages and tasks in alignment with timelines.
• Work closely with IT and Cyber Risk team to coordinate the work plans and timely closure of Audit Issues and Self-Identified Issues.
• Act as a backup for the Security Awareness and Training Program which is currently single threaded with one employee

ADDITIONAL ACCOUNTABILITIES

• Performs special projects, and additional duties and responsibilities as required.
• Consistently adheres to regulatory and compliance policies and standards linked to the job as listed and complete required compliance trainings.  Accountable to maintain compliance with applicable federal, state and local laws and regulations.

JOB REQUIREMENTS

Required Qualifications:

• Education level required: Undergraduate Degree (4 years or equivalent)  Information Security or Computer Science.

• Minimum experience required: 8+ Years combined IT and security work experience with a broad exposure to infrastructure/network and multi-platform environments.
• Vast experience in security issues, techniques and implications across all existing computer platforms.
• 1 year coaching or mentoring IT professionals
• Working experience with IPS, DLP, firewalls, and security assessment tools/methodology (network, systems, and application).

Preferred Qualifications:

• Professional certification (e.g., CISA, CISSP or equivalent) preferred.
  Other technical certifications preferred or equivalent work experience.

Job Competencies:

• Expert knowledge of Information Security policies, standards, and procedures.
• Strong report writing skills with proven success in writing concise and effective reports communicating issues and recommending courses of action
• Ability to communicate with the business to identify requirements or issues and plan for best resolution
• Previous experience developing policies and procedures that support the objectives of the unit
• Strong influence skills used in consulting with businesses on design of access program
• Strong analytic skills to evaluate access entitlements across systems and applications
• Strong knowledge / practical experience implementing  cyber security controls, tools, and requirements to secure cloud environments (i.e.AWS, Azure)
• Strong knowledge of networking, Unix/Linux, virtualization, authentication, cryptography.
• Solid knowledge and understanding of securing all major operating systems.
• Strong knowledge in enterprise logging and monitoring solutions including monitoring privilege user accounts and sensitive configuration files
• Ability to facilitate communications to business stakeholders and interact effectively with all levels of management
• Physical demands (ADA): No unusual physical exertion is involved.

Flagstar is an equal Opportunity Employer.