IT Security Analyst. Governance, Policy, Comms

Job Description

About FIS

Are you curious, motivated, and forward-thinking? At FIS you’ll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us, and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all fun.

About the Team

This team is led by an IT Security Executive supporting the Chief Information Security Officer (CISO). The focus within this team is cybersecurity governance, awareness, security policies, metrics, and executive reporting.

About the role

Be a hands-on team member that delivers the day-to-day operational activities related to cyber governance, risk management, security awareness, communications and reporting. Execute and implement initiatives and projects to enhance cyber governance and risk management.

Develop engaging awareness and education materials as part of the global cybersecurity awareness program. Develop content and communications for the Chief Information Security Officer (CISO) and his direct reports for a variety of executive-level audience.

Enhance and update security policies and standards, and controls mapping. Reports to IT Security Manager.

What you will be doing

Work alongside the CISO and cybersecurity executives to draft communications, leadership presentations and other written materials, i.e., help write their story. Communication will be focused on the cybersecurity program, including but not limited to, Board reporting, Risk Organization updates, cybersecurity portfolio status, townhall presentations, metrics and dashboards, and audit and regulatory briefings.

· Drive execution of cybersecurity governance and risk management processes including but not limited issues management, risk acceptances and policy exceptions.

· Conduct risk assessments and participate in cybersecurity risk management lifecycle activities such as risk identification, classification, treatment and reporting.

· Work closely with the Business Information Security Officer (BISO) organization on responding to requests for cybersecurity guidance and managing cybersecurity risks within the LoB.

· Help operate the global security awareness program by developing awareness content, responding to security questions from end users, drafting messaging for upcoming policy and controls changes, and educating on lessons learned from real-world events. Operate any technologies related to security awareness program.

· Annually review and update mandatory security awareness training.

· Create stakeholder and end-user friendly documentation as needed to facilitate adoption of security requirements and implement effective change management.

· Develop new or enhance existing cybersecurity policies and standards. Map policies, standards and controls to industry frameworks.

· Maintain information and updates on cyber program maturity progress.

· Collaborate with Corporate Communications, Legal, Compliance and other stakeholder groups, as needed, to communicate key messages and changes related to policy updates, controls and security requirements to facilitate adoption and effective change management.

· Develop meaningful metrics that clearly communicate and bring visibility into the risk posture of FIS, including metrics that measure the effectiveness of Cybersecurity communications and the security awareness program.

· Stay current on emerging security threats, regulations impacting fintech, and communication trends.

What you bring

· Minimum of 6 years of relevant experience based on industry and prior job responsibilities.

· Well versed in cybersecurity governance, risk management, awareness, policy, risk assessments, maturity assessments, and industry frameworks and standards (e.g., NIST-CSF, ISO 27001/2, PCI DSS etc.)

· Skilled in creating effective and engaging cybersecurity related communications and content as well as polished executive presentations (in PPT).

· Ability to research topics, collect data and organize thoughts in support of desired audience-appropriate messaging.

· Skilled in translating complex, difficult, and technical information with clarity, accuracy and transparency while keeping the message readable, understandable and impactful.

· Ability to advise executives on communication strategies related to security topics.

· Strong editing, organizational and writing skills with outstanding attention to detail.

· Self-learner and self-starter who is comfortable juggling multiple asks and deadlines.

· Must be able to work independently as well as in a team setting.

· Must be comfortable working with numerous cross-functional stakeholders.

Bonus if you have

· ServiceNow and Archer experience.

What we offer you

· Flexible and creative work environment.

· Diverse and collaborative atmosphere.

· Professional and personal development resources.

· Opportunities to volunteer and support charities

· Competitive salary and benefits.

FIS is committed to providing its employees with an exciting career opportunity and competitive compensation. The pay range for this full-time position is $99,830.00 - $167,700.00 and reflects the minimum and maximum target for new hire salaries for this position based on the posted role, level, and location. Within the range, actual individual starting pay is determined additional factors, including job-related skills, experience, and relevant education or training. Any changes in work location will also impact actual individual starting pay. Please consult with your recruiter about the specific salary range for your preferred location during the hiring process.

Privacy Statement

FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.

EEOC Statement

FIS is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, genetic information, national origin, disability, veteran status, and other protected characteristics. The EEO is the Law poster is available here supplement document available here

For positions located in the US, the following conditions apply. If you are made a conditional offer of employment, you will be required to undergo a drug test. ADA Disclaimer: In developing this job description care was taken to include all competencies needed to successfully perform in this position. However, for Americans with Disabilities Act (ADA) purposes, the essential functions of the job may or may not have been described for purposes of ADA reasonable accommodation. All reasonable accommodation requests will be reviewed and evaluated on a case-by-case basis.

Sourcing Model

Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.

#pridepass