Senior Associate, Cybersecurity Compliance
Riverwoods , Illinois
September 23, 2017
As part of the Cybersecurity team, you will respond to Third-party questionnaires related to how Discover protects third-party data.

The Senior Associate will primarily be responsible for working with third parties, responding to Cybersecurity risk assessments initiated by 3rd parties in a timely fashion, representing Discover Business Technology in supporting various Discover Payment Services business functions. The Senior Associate will also be responsible for helping, where needed, other team members related to PCI compliance program activities.

This individual will work closely with all areas of the business and technology like, infrastructure, engineering, architecture & operational, application teams, etc. In addition, this individual will work proactively and effectively within and across business units to drive successful completion of 3rd party audits.

Job Responsibilities:

* The candidate must be able to understand Cybersecurity standards and how to test for compliance. Must be able to identify what information must be gathered to test for compliance and work with application, infrastructure and governance teams to collect those artifacts.
* The candidate must have strong project management skills, be able to develop and track to a project plan. The candidate needs to be able to recognize obstacles that may derail progress and take the necessary steps to eliminate those obstacles and/or escalate appropriately.
* The candidate must have a strong knowledge of various regulatory audit control requirements (COBIT, COSO, PCI, FFIEC, & GLBA), and be able to map various control artifacts to requirement request from Third-Party audit request.
* Provide security expertise as requested and clearly communicate findings and concerns to all levels of management.
* Maintain accurate information in the teams tracking tool, and support departmental metrics and KRI reporting.
* Leverage security expertise to contribute to program enhancement and continuous improvement efforts, and other team activities.
* Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required standards and processes.
* Frequent travel is required.
* Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required standards and processes.
* Bachelor's Degree
* 4+ years experience in information security or technology audit, preferably in Financial Services
* Knowledge of IS Risk Frameworks and Standards (NIST 800-53, ISO 27000 series, NIST Cybersecurity Framework, PCI-DSS).
* At least one Professional Security Certification such as CISSP, CISM, CISA, or GIAC
* Knowledge of common networking concepts with a thorough understanding of Ethernet, IP (IPv4 and IPv6), TCP, and UDP.
* In-depth knowledge of the web protocols and related technologies
* Working knowledge of Linux, UNIX, and Windows variants.
* Ability to manage own workload with low supervision.
* Ability to manage multiple tasks simultaneously without compromising on quality.
* Excellent communication, both written and verbal. Must be able to effectively communicate to varying levels of management.
* Helpful for candidates to have working knowledge and familiarity with;
* IT Security risk assessment
* IT/IS policy development
* PCI Compliance
* Disaster Recovery/ Business Continuity planning, documentation, and testing
* Knowledge of common software and web application vulnerabilities, such as the OWASP Top 10. IT Audit

About Us
Since Discover launched in 1986, we've made a business of redefining the credit card industry for the better. We were first to have no annual fee, first to offer cash rewards, first to provide 24/7 customer service, and we rank #1 in customer loyalty. As a Fortune 500 company, we strive to provide our employees with an environment where they can contribute in a way that's different from other large institutions. If you're looking for a place to make a difference and let your voice shine through, we'd love to meet you.

Apply today at
Discover Financial Services is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, among other things, or as a qualified individual with a disability.

#LI-VF1 We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.

A little about us:
Discover is one of the most recognized brands in U.S. financial services. We’re a direct banking and payment services company built on a legacy of innovation and customer service.

Know someone who would be interested in this job? Share it with your network.