Information Security Analyst - Remote
Company: Bottomline Technologies
Location: Garland
Posted on: June 23, 2022
Job Description:
Bottomline is at the forefront of digital transformation. We are
a growing global market leader uniquely equipped to address the
changing needs of how businesses pay and get paid. Our culture of
working with and for each other enables us to delight our
customers. We empower our teams to think like owners driving
customer delight, helping them grow their business and win in their
markets.The Bottomline Information Security Analyst is responsible
for monitoring IT systems to ensure they follow policies and
practices. They must evaluate technology, identify controls, and
keep throughout records. In addition to monitoring IT systems, the
Information Security Analyst shall implement policies and
day-to-day functions related to cybersecurity, business continuity,
disaster recovery management, compliance management/internal
controls, risk management, and ethics management. Compliance with
industry mandated standards and controls (e.g. FFIEC, ISO27001,
GDPR/CCPA, PCI, etc.). Additionally, they shall act as mentors to
IT staff teams to ensure they have a solid understanding of
procedures and necessary independence to conduct their own
investigations, and are effective planners, communicators, and
teachers.The Information Security Analyst must retain authority,
encourage problem solving, and promote a constructive work
environment. They must be able to direct risk functions while
understanding the risks and governance associated with current and
emerging technologies. The Bottomline Information Security Analyst
shall compile a vast array of data into coherent reports for the
CFO, CIO, GC, CISO and Sr. Director of Audit, Risk and
ComplianceThis position can be based out of an REMOTE location
within the US, East Coast preferred How You'll Contribute
- Participate in the development of the annual IT Risk &
Governance design
- Develop and implement internal policies and procedure documents
to support IT compliance initiatives
- Analyze the IT environment to evaluate application and
infrastructure risks and controls
- Coordinate, execute and manage the assessment and reporting
phases for multiple concurrent IT Risk and Third Party
Assessments
- Design, review and approve tests that identify IT Risks, and
provide strategic recommendations to enhance business
operations
- Present risks to senior management and negotiate suggested
action plans
- Promote a risk-aware culture; ensure efficient and effective
risk and compliance management practices by adhering to required
standards and practices
- Participate in a primary capacity in supporting compliance, and
regulatory activities, including, but not limited to: PCI, SSAE16,
Regulatory, Sarbanes-Oxley (SOX 404), ISO27001/9001
- Manage the ongoing effectiveness of information security
controls (automated, manual, and needing development), working with
a variety of control owners within the Information; Security and
Technology organizations, and evaluating control design and
standards in a variety of program areas
- Support business initiatives with respect to resilience and
Disaster Recovery & BIA
- Conduct research and make recommendations on products,
services, protocols and standards in support of procurement and
development efforts
- Develop, implement and maintain change control and testing
processes for service, application and infrastructure
modifications
- Establish appropriate end-user access controls, best practices
and perform transaction and security assessments
- Maintain up-to-date knowledge of the FinTech and Payments
Industry and IT developments
- Build and maintain strong internal relationships by
demonstrating detailed knowledge of the client's business
environment
- Maintain and increase personal knowledge of the Bottomline
solutions and services to enable the better execution of the
role
- Participation in special projects or other duties as
requiredWhat Will Make You SuccessfulUnderstanding and knowledge of
business risks and governance related to general system controls,
system/applications development, change management, logical access
security, local area network and wide area network concepts,
contingency and recovery:
- 1-3 years' of experience in risk, governance and compliance
information technology organization
- Relevant, industry recognized security certification such as
CISSP, CGEIT, CRISC, CISM, CSX-P, CISA, PMP, CISM, CPP, CPA and
CBCP
- BA, BS or MBA Degree
- Understanding of data management concepts
- Knowledge of FFIEC, SSAE18, ISO27001/2, BCP/DR, NIST and COBIT
relevant frameworks
- Understanding of current regulatory expectations for financial
services organizations
- Excellent analytic, oral and written communication skills
- Network & Infrastructure Architecture network segmentation
concepts, firewalls, routers, VPN solutions etc
- Systems Development (including SDLC, project management, BCP/DR
and change control methodologies
- Infrastructure and Application Security Testing comprehension
to understand risks associated with vulnerabilities
- Physical Security & Data Center Environmental Controls
- Knowledge of Hosted and Windows environments, Client Server
Technology, Networks,
- Experience using GRC applications
- Excellent project management skills
- High attention to detail necessary to manage, analyze and
finalize artifacts and documents
- Familiarity with infrastructure, networking, security and
software development processes
- Organized, responsive, and able to manage multiple initiatives
and tasks in parallelYou'll love Bottomline because in everything
we do we seek to delight our customers and we are passionate about
building a company of which we can all be proud, and this starts
with building amazing teams filled with team members that challenge
you every day.#LifeatBottomline
Keywords: Bottomline Technologies, Garland , Information Security Analyst - Remote, Professions , Garland, Texas
Didn't find what you're looking for? Search again!
Loading more jobs...