Sr. Analyst Information Security
P1 - Easton Campus Building A, United States
Full Time Senior-level / Expert USD 97K - 221K
Bread Financial
At Bread Financial, we provide simple payment, lending and saving solutions. Explore our options for personal and business needs – from credit cards to pay-over-time.
Job Summary
The Sr. Analyst, Info Sec is responsible for overseeing and managing multiple risks, audits, and controls within the Information Technology Domain. This person is expected to be a strategic partner to control owners, second line of defense, and privacy leaders. The position reports to the Manager, Information Security and works closely with other Information Security Domain Champions.
Essential Job Functions
- Audit coordination and evidence collection: Facilitate the collection of evidence for various audit and control activities such as PCI-DSS, NIST CSF, GLBA 501-B, Sarbanes Oxley, etc. Review evidence for appropriateness and adequacy. Track and report on all evidence requests to ensure request deadlines are met. Coordinate and facilitate audit and/or control interviews as well as necessary follow up meetings between control owners and internal/external auditors. Publish meeting minutes and track action items to completion. Utilizes planning and organization tools to develop project/action plans. Meets deliverable deadlines as directed.
- Payment Card Industry (PCI) Annual Audit: Possess in-depth knowledge of the PCI-DSS and obtain PCI-DSS Internal Security Assessor Certification (ISA) within 6 months of starting position. Test PCI controls and work with control owners to resolve control design or operating effectiveness issues ahead of and during annual Company PCI Audit. Partner with external Qualified Security Assessor (QSA) to reduce scope and control testing where possible. Use knowledge of General IT Computing Controls and Cyber Security Tools to create PCI Compensating Control Matrices when required.
- Control Coaching, Consulting, and Collaboration: Partner with IT Control Owners to identify, resolve, mitigate, or compensate for control failures identified through risk assessments, internal/external audits, or cyber security tools and processes. Develop proactive risk and control assessment strategies to stay ahead of emerging risks and regulatory requirements. Collaborate with the IT Risk Second Line of Defense and Privacy Partners when formulating strategies to maximize coverage and work paper reuse.
- General Information Technology: Foundational to intermediate knowledge of IT tools and practices including, but not limited to: Networking, LDAP Directories, Vulnerability/Patch Management, Change Management, Incident Management, Server and Desktop Management, Mainframe Technologies, Encryption and Key Management, Cloud Architecture and Computing, Software Application General Computing Controls, Business Continuity/Disaster Recovery, Software Development Lifecycle, Access Management, and Cyber Security Tooling.
- Metrics and Presentation Skills: Ability to produce meaningful and actionable metrics through data analysis. Conduct data analysis exercises using Excel Pivot Tables, Microsoft Access Queries, and other data-driven analysis tools. Produces presentations at various levels of abstraction dependent on intended audience using Microsoft PowerPoint, Microsoft Visio, or equivalent tools. Intermediate to expert English writing skills expected.
- Human Relations: Ability to defuse problematic situations and manage through conflict resolution. Utilizes soft skills such as: Selective Agreement, Reflective Listening, Voice Inflection, and Empathy. Ability to take complex concepts and break them down into layman’s terms or analogies that help with others’ understanding. Viewed as an enabling partner that provides options or information when saying no to business or IT requests. Seen by leadership and peers as creditable, trustworthy and respectful. Utilizes subject matter expertise to guide and coach less experienced team members.
Reports to: Manager, Information Security
Working Conditions/Physical Requirements: Normal office environment. As the needs of the business continue to evolve, this role may be asked to work an on-call rotation to include evenings or weekends.
Direct Reports: None
Minimum Qualifications:
- Three or more years in Risk Management, Audit, Compliance, Information Technology
Preferred Experience:
- Associates Degree or equivalent experience in Computer Science, Networking or Information Technology
- Certifications: One or more relevant professional technical certifications (examples: CISSP, CISA, CISM, or Security+)
Other Duties
This job description is illustrative of the types of duties typically performed by this job. It is not intended to be an exhaustive listing of each and every essential function of the job. Because job content may change from time to time, the Company reserves the right to add and/or delete essential functions from this job at any time.
Salary Range (unless otherwise noted below):
$97,900.00 - $177,400.00
Full Salary Range for position:
- California: $112,600.00 - $221,800.00
- Colorado: $97,900.00 - $186,300.00
- New York: $107,700.00 - $221,800.00
- Washington: $102,800.00 - $204,000.00
- Maryland: $102,800.00 - $195,200.00
- Washington DC: $112,600.00 - $204,000.00
- Illinois: $97,900.00 - $195,200.00
- New Jersey: $112,600.00 - $204,000.00
The actual base pay within this range may be dependent upon many factors, which may include, but are not limited to, work location, education, experience, and skills.
Bread Financial offers medical, prescription drug, dental, vision, and other voluntary benefits (including basic and optional life insurance, supplemental medical plans, and short and long-term disability) to eligible associates (regular full-time associates scheduled to work 30 hours per week or more) and their spouses/domestic partners, and child(ren) under the age of 26. New associate elected coverage begins on date of hire (with the exception of disability coverage which has a 6-month waiting period). Six weeks of 100% paid parental leave for eligible parents is available after a 180-day waiting period. Hired associates can immediately enroll in Bread Financial’s 401(k) plan.
All associates receive 11 paid holidays. Associates have discretion in managing their time away from work through the Flexible Time Off (FTO) program and may need to notify and receive approval from their manager prior to taking the time off. Associates (except those located in Illinois) receive 80 hours of Paid Sick and Safe Time (“PSST”) upon hire and at the beginning of each subsequent calendar year. Illinois associates receive 40 hours of Illinois PSST upon hire and at the beginning of each subsequent calendar year and 40 hours of Illinois Paid Leave upon hire and at the beginning of each subsequent calendar year. Illinois Paid Leave must be used before associates in Illinois will be approved to take FTO.
Hired associates will be able to elect to purchase company stock during offering periods in June and December. You will be eligible for an annual incentive bonus based on individual and company performance.
About Bread Financial
At Bread Financial, you’ll have the opportunity to grow your career, give back to your community, and be part of our award-winning culture. We’ve been consistently recognized as a best place to work nationally and in many markets and we’re proud to promote an environment where you feel appreciated, accepted, valued, and fulfilled—both personally and professionally. Bread Financial supports the overall wellness of our associates with a diverse suite of benefits and offers boundless opportunities for career development and non-traditional career progression.
Bread Financial® (NYSE: BFH) is a tech-forward financial services company providing simple, personalized payment, lending and saving solutions. The company creates opportunities for its customers and partners through digitally enabled choices that offer ease, empowerment, financial flexibility and exceptional customer experiences. Driven by a digital-first approach, data insights and white-label technology, Bread Financial delivers growth for its partners through a comprehensive suite of payment solutions that includes private label and co-brand credit cards and Bread Pay® buy now, pay later products. Bread Financial also offers direct-to-consumer products that give customers more access, choice and freedom through its branded Bread Cashback® American Express® Credit Card, Bread Rewards™ American Express® Credit Card and Bread Savings® products.
Headquartered in Columbus, Ohio, Bread Financial is powered by its approximately 7,000 global associates and is committed to sustainable business practices. To learn more about Bread Financial, visit breadfinancial.com or follow us on Facebook, LinkedIn, X and Instagram.
- Bread Financial offers competitive pay, a comprehensive selection of benefit options including 401(k).
- The Company is an Equal Opportunity Employer.
- Any applicant offered employment will be required to establish that they are legally authorized to work in the United States for the Company.
- The Company participates in E-Verify.
- The Company will consider for employment all qualified applicants, including those with a criminal history, in a manner consistent with the requirements of all applicable federal, state, and local laws, including the Los Angeles Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, and the New York City Fair Chance Act. Applicants with criminal histories are encouraged to apply.
- The Company complies with the Americans with Disabilities Act (ADA), as amended, and all applicable state/local laws. The Company will provide accommodations to applicants needing accommodations to complete the application process. Applicants with disabilities may contact the Company to request and arrange for accommodations. If you need assistance to accommodate a disability, you may request an accommodation at any time. Please contact the Recruiting Team at TaOps@breadfinancial.com.
Job Family: Information Technology
Job Type: Regular
Tags: Audits CISA CISM CISSP Cloud Compliance Computer Science Encryption GLBA LDAP Mainframe NIST Privacy Risk assessment Risk management SDLC
Perks/benefits: Career development Competitive pay Equity / stock options Flex hours Flex vacation Health care Insurance Medical leave Parental leave Salary bonus Wellness