Consultant, Information Security Risk Analytics
Location:
Riverwoods , Illinois
Posted:
December 14, 2017
Reference:
P181982
Discover. A more rewarding way to work.

At Discover Financial Services, you'll find yourself in the company of some of the industry's smartest and most reliable professionals. And at a company that rewards dedication, values innovation and supports growth.

Thrive in an environment that promotes teamwork and shared success. Build on a foundation of mutual respect. Join the company that understands rewarding careers like no other, with this exceptional opportunity:

Consultant, Information Security Risk Analytics

Job Description
This senior level individual contributor position is technical and analytical in nature and calls for a fast-learner with a history of technical and business experience. The ideal candidate will have strong organizational and communication skills with the ability to manage a diverse work load in a fast paced environment. Responsibilities include maturing information security risk analytics, reporting, change management process and technical implementation for the Information Security Strategy Team. This role focuses on applying risk management principles on solving complex business issues involving advanced analysis and reporting of data that inform business decisions through the development of information security risk scenarios leveraging internal, external and systemic inputs. The senior team member will evaluate business issues with the intent of increasing performance and value and deliver traditional-to advanced solutions to teammates/clients by gathering and analyzing security and operational intelligence from various sources. This role informs business leaders across different functional business areas of the enterprise. Duties and responsibilities:
  • The Consultant of Information Security Analytics team interacts enterprise-wide with all levels of personnel, including executives, business functional heads and technical staff.
  • Analyze key business processes in order to produce comprehensive risk scenarios that will be implemented by working by with and through business leaders and information security risk architecture.
  • Conduct comprehensive analysis of risk scenarios and inform key stakeholders of findings on an ongoing basis.
  • Responsible for advancing the enterprise-wide information security risk function to create a union of business risk and information security risk.
  • Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to require standards and processes.

Skills
Education: Bachelor's Degree or Equivalent Experience (Preferred Field of Study in Computer Science or Business) Required Certification:
  • CISSP or CISM
Years of Experience and Qualifications required:
  • Min Years: 5 years
  • Preferred Years: 7 years
* Knowledge of national and international regulatory compliance and INFOSEC frameworks such as NIST CSF * Financially astute, with a keen understanding of cost drivers * Able to develop appropriate methodologies, but willing to roll up sleeves and drive execution and implementation * Familiarity with recommending and designing information security controls to mitigate threats and vulnerabilities * Understanding of end-to-end risk management principles and how to implement across multiple business units * Team orientated and will promote execution and change through influence * Experience translating information security risk into business terms
Preferred Education/requirements:
  • Masters's Degree or Equivalent Experience
  • CRISC
  • Deep knowledge of information security risks effect on business
  • Understanding of return on security investment
  • Experience with GRC tools, including Archer and ServiceNow
  • Ability to interpret threats and vulnerabilities in technology assets and formulate a holistic approach to forecasting risk
  • Forward looking with strong understanding of how information security risk impacts the success of the business
  • Familiarity with threat and vulnerability detection tools


#LI-RB1 We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.

A little about us:
Discover is one of the most recognized brands in U.S. financial services. We’re a direct banking and payment services company built on a legacy of innovation and customer service.

Know someone who would be interested in this job? Share it with your network.