Security Risk and Compliance Associate
2 weeks ago
Position Summary
The Security Risk and Compliance Associate is a highly respected, influential and in-demand role within the business. The position is responsible supporting the security direction of the business and elevating the company’s security posture. The associate is expected to support the security strategy of the business within new and existing information system capabilities. Consequently, the position requires both an understanding of legacy systems, as well as new technologies and requirements. The associate is also responsible for the planning and design of policies and maintenance.
The Security Risk and Compliance Associate position reports to the VP, IT Risk & Compliance and assists in the building, support and maintenance of the GRC program. The associate will engage in many facets of the information security and GRC programs while providing guidance and functioning as an experienced resource to control owners and business partners. The associate will be given the ability to work with various teams to identify risks, deficiencies, create controls and report progress. The associate should be someone who works well with others, leads, motivates others and has a passion for GRC.
The ideal candidate is technical and possesses at least one year of experience in security, compliance or risk management. The role oversees the business’ security requirements and obligations mandated by standards and regulations such as the Federal Financial Institutions Examination Council (FFIEC), Gramm-Leach-Bliley Act (GLBA), and Sarbanes-Oxley Act (SOX). In tandem with security leadership, the associate consistently assesses and validates the assurance of the security program. As a primary point of contact for internal and external auditors, the associate monitors progress and enforces resolution of outstanding issues that may lead to non-compliance or security threats to the business. As a key member of the security team, the associate must focus on strong risk management and corporate resiliency, and not be driven solely by compliance.
Essential Duties & Responsibilities
Assists in implementing, supporting and maintaining an effective and mature GRC program at Triumph
Safeguards information system assets by identifying and solving potential and actual security and risk concerns
Protects systems by defining role and attribute-based access privileges, control structures, and resources
Engages with business partners and team members on risk and compliance issue identification and remediation processes
Conducts risk and compliance assessments of IT and Security standards
Maintain strong oversight of third parties, vendors and business partners to safeguard against undue risk presented by external entities. Escalate to security management and business unit leads when points of weakness are discovered
Explains security controls with clarity to business and technical users
Performs Control Self Assessments and communicates deficiencies to control owners and management
Assists in the design, development and remediation of IT general controls
Manages exceptions to IT and security policies.
Prepares GRC metrics and effectively communicates this through Executive level presentation and reporting.
Coordinates External (SOX, SOC1, SOC2, client and other regulatory) audits and Internal audits
Upgrades cyber security program and capabilities by implementing and maintaining security controls
Provides documentation and evidence to respond to audits
Contributes to team objectives
Experience & Education
Bachelor’s degree in Information Security, Information Systems, Computer Science, or equivalent work experience
Less than three years of prior relevant IT risk, IT security and/or IT audit experience
Pursuing CISA, CISM, CRISC, or CISSP certifications
CIS 2.0 security and NIST 800-53 framework controls
FFIEC Cyber Assessment Tool (CAT)
Experience and understanding of various regulatory requirements and laws, including but not limited to FFIEC, SOX, and GLBA. Additional experience in one or more of the following: SOC1, SOC2, ISO 27001/2, CIS or NIST 800-53
Skills & Abilities Required
Ability to function with limited supervision
Strong interpersonal skills
Quality written and oral communication, and presentation skills
Critical thinking and problem-solving skills
Attention to detail, patience and flexibility
Commitment to operational excellence and continuous process improvement
Strategic project management and oversight of milestones and deliverables
Knowledge of IT general controls
SOC Reports (SOC1/SOC2) Type I and II
Bank Federal and State Compliance regulations
Strong knowledge of Cybersecurity and its relation to IT deployment and implementations
Agile methodology
Knowledge of Risk, Compliance and Cyber Frameworks, such as, NIST 800-53, CIS, COSO, SANS, ISO, COBIT, ITIL
IT and security policy, standards and procedures creation and maintenance
Identity Access Management and Privileged Access Management (IAM and PAM)
Role and attribute-based access controls (RBAC and ABAC)
Willingness to expand and apply security knowledge, skills, and abilities to department initiatives
#LI-JH1
#J-18808-Ljbffr
-
Security Risk and Compliance Associate
2 weeks ago
Dallas, United States Triumph Financial Full timeJoin TriumphX! TriumphX provides a concentration of technology and project management resources the members of the Triumph Financial portfolio of brands - TriumphPay, Triumph and TBK Bank - via a shared service model. We're looking for top tech and project management talent to analyze, recommend and build strategic solutions that support Triumph Financial's...
-
Security Risk and Compliance Associate
4 days ago
Dallas, United States Triumph Financial Full timeJoin TriumphX! TriumphX provides a concentration of technology and project management resources the members of the Triumph Financial portfolio of brands - TriumphPay, Triumph and TBK Bank - via a shared service model. We're looking for top tech and project management talent to analyze, recommend and build strategic solutions that support Triumph Financial's...
-
Risk and Compliance Consultant
5 days ago
Dallas, United States Cynet Systems Full timeJob Description: Responsibilities: Work with internal/external teams to understand the security audit requirements and deliver against project plans. Build NERC CIP control testing procedure based on IT Environment and manage Compliance. Perform NERC CIP control testing for application and IT infrastructure. ssist in compliance initiatives at...
-
IT Governance, Risk, and Compliance Manager
5 days ago
Dallas, United States Trinity Industries Full timeTrinity Industries is hiring an IT Governance, Risk, and Compliance Manager in our Dallas, TX office. Below, you will find a complete breakdown of everything required of potential candidates, as well as how to apply Good luck. The IT Governance, Risk, and Compliance (IT GRC) Manager functions within the Information GRC (IGRC) team, reporting to the Senior...
-
IT Governance, Risk, and Compliance Manager
3 weeks ago
Dallas, United States TrinityRail Full timeTrinity Industries is hiring an IT Governance, Risk, and Compliance Manager in our Dallas, TX office. The IT Governance, Risk, and Compliance (IT GRC) Manager functions within the Information GRC (IGRC) team, reporting to the Senior Director of IGRC within the Information Risk Management organization. The IT GRC Manager will be responsible for the execution...
-
IT Governance, Risk, and Compliance Manager
2 weeks ago
Dallas, United States Trinity Industries, Inc. Full timeTrinity Industries is hiring an IT Governance, Risk, and Compliance Manager in our Dallas, TX office.The IT Governance, Risk, and Compliance (IT GRC) Manager functions within the Information GRC (IGRC) team, reporting to the Senior Director of IGRC within the Information Risk Management organization. The IT GRC Manager will be responsible for the execution...
-
IT Governance, Risk, and Compliance Manager
2 weeks ago
Dallas, United States Trinity Industries, Inc. Full timeTrinity Industries is hiring an IT Governance, Risk, and Compliance Manager in our Dallas, TX office.The IT Governance, Risk, and Compliance (IT GRC) Manager functions within the Information GRC (IGRC) team, reporting to the Senior Director of IGRC within the Information Risk Management organization. The IT GRC Manager will be responsible for the execution...
-
IT Governance, Risk, and Compliance Manager
2 weeks ago
Dallas, United States Trinity Industries, Inc. Full timeTrinity Industries is hiring an IT Governance, Risk, and Compliance Manager in our Dallas, TX office.The IT Governance, Risk, and Compliance (IT GRC) Manager functions within the Information GRC (IGRC) team, reporting to the Senior Director of IGRC within the Information Risk Management organization. The IT GRC Manager will be responsible for the execution...
-
IT Governance, Risk and Compliance Analyst
3 weeks ago
Dallas, United States CareerBuilder Full timeJob Description Job Description Job Title: IT Governance, Risk and Compliance Analyst (IT GRC Analyst) Position Type: Contract for 6 months. Job Location: 14221 N Dallas Pky, Ste 1100 | Dallas, Texas 75254 (Hybrid: 3 days office 2 days remote ) Description: Our client is seeking an IT Governance, Risk and Compliance Analyst . The IT GRC Analyst designs,...
-
Risk & Compliance Manager
5 days ago
Dallas, United States Axis Energy Administration Full timeDescription The Risk & Compliance Manager ensures that the organization conducts its business processes in compliance with laws and regulations, professional standards, and accepted business practices and is responsible for managing the risk insurance programs that ensure that our company remains fully compliant with relevant local, state, and federal...
-
Risk & Compliance Manager
3 weeks ago
Dallas, United States Axis Energy Services Full time***TO APPLY, VISIT OUR COMPANY WEBSITE:Job Postings | Axis Energy Services (axisofs.com)The Risk & Compliance Manager ensures that the organization conducts its business processes in compliance with laws and regulations, professional standards, and accepted business practices and is responsible for managing the risk insurance programs that ensure that our...
-
Risk, ERM – Risk Appetite
3 weeks ago
Dallas, United States Goldman Sachs Full timeThe Risk division is responsible for credit, market and operational risk, model risk, independent liquidity risk, and insurance throughout the firm. Team: Enterprise Risk Management Level: Associate Location: Dallas The Risk Division aims to effectively identify, monitor, evaluate, and manage the firm’s financial and non-financial risks in...
-
Dallas, United States Baylor Scott & White Health Full timeJOB SUMMARY Reporting to the SVP, Chief Corporate Ethics and Compliance Officer, the VP Corporate Compliance is responsible for planning, developing, and enforcing compliance programs for Baylor Scott and White Health (BSWH), which includes varied compliance risk-based functions and programs such as hospital regulatory compliance, provider compliance,...
-
Chief Compliance Officer, JLL Securities
1 week ago
Dallas, United States JLL Full timeJLL supports the Whole You, personally and professionally. Our people at JLL are shaping the future of real estate for a better world by combining world class services, advisory and technology to our clients. We are committed to hiring the best, most talented people in our industry; and we support them through professional growth, flexibility, and...
-
Dallas, United States Comerica Full timeJob SummaryThe Operational Risk Manager position is designed to provide a national, holistic approach to advise/assess on risk and compliance topics. This position focuses on risk mitigation through policy and procedure management, review and implementation of new regulations, coordination of audits and exam deliverables, and compliance training course...
-
Dallas, United States Baylor Scott & White Healthcare Full timeJOB SUMMARY Reporting to the SVP, Chief Corporate Ethics and Compliance Officer, the VP Corporate Compliance is responsible for planning, developing, and enforcing compliance programs for Baylor Scott and White Health (BSWH), which includes varied compliance risk-based functions and programs such as hospital regulatory compliance, provider compliance,...
-
Security Officer Guard
4 weeks ago
Dallas, United States Congregational Security Inc Full timeJob DescriptionJob DescriptionWe are seeking a Security Officer Guard to become an integral part of our team. The selected individual will patrol and secure assigned premises as well as identify risks to staff and patrons.Responsibilities:Monitor premises to prevent theft, violence, or infractions of rulesThoroughly examine doors, windows, and gates to...
-
Risk, Credit Risk, Associate, Dallas
1 week ago
Dallas, United States Goldman Sachs Full timeRegulatory Obligations Review Group (RORG) RORG is an independent review group that provides continuous monitoring and assurance of the accuracy of the Regulatory Reporting Requirements. Its primary responsibility is to effectively challenge the rigor and accuracy of the firm's and the Bank's internal systems/processes supporting regulatory compliance. The...
-
Risk, Operational Risk, Associate, Dallas
2 weeks ago
Dallas, United States Goldman Sachs Group, Inc. Full timeConsumer and Transaction Banking Operational Risk Operational Risk is an independent risk management function (2nd line), responsible for developing and implementing a standardized framework to identify, measure, and monitor operational risk across the firm. This role requires an energetic self-starter that can liaise with stakeholders across business units...
-
Security Officer
4 weeks ago
Dallas, United States Jackson Security Systems LLC Full timeJob DescriptionJob DescriptionWe are seeking commission Security Officer to become an integral part of our team. The selected individual will patrol and secure assigned premises as well as identify risks to staff and patrons.Responsibilities:Monitor premises to prevent theft, violence, or infractions of rulesThoroughly examine doors, windows, and gates to...