
Security Compliance Analyst in Philadelphia, PA at Radian Group Inc

Date Posted: 6/22/2018

Job Description

Headquartered in Philadelphia, Radian connects lenders, homebuyers, investors and loan servicers using a suite of private mortgage insurance and related risk management products and services. We help promote and preserve the tradition of homeownership while protecting lenders from default-related losses on residential first mortgages. We also facilitate the sale of low-down payment mortgages in the secondary market.

Our commitment to homeownership is built on a foundation of evaluating credit risk; we help clients and investors expertly and prudently manage risk in any market condition.

Under the direction of the Vice President, the Security Compliance Analyst is responsible for functional controls in Compliance, including but not limited to managing the following aspects of the company’s information security program: organizing and updating IT security policies, managing compliance activities with the Internal Audit team, security awareness training, managing data leakage prevention incidents, regulatory and controls assurance, prioritizing and organizing items from Radian's risk management program, and other risk and compliance activities as assigned.

Primary Duties and Responsibilities

  • Organize, prioritize and manage outputs from Radian's Risk Assessment Program including but not limited to conducting information security risk assessments & penetration tests, tracking and remediation of control deficiencies, and creating remediation action plans.
  • Manage the suite of IT Governance Artifacts (policies, standards, and processes & procedures), including architecting a cohesive artifact suite, maintaining templates by artifact type, and publishing/communication processes.  The Security Compliance Specialist develops and authors new IT Security Governance Artifacts when required and keeps existing IT Security Governance Artifacts current in coordination with key stakeholders.
  • Responsible for maturing and executing Radian's Information Security Awareness program.   The Security Compliance Analyst develops and coordinates issuance of information security awareness publications, computer-based courses, and other techniques to ensure the Radian community is aware of and understands the company’s information security and data handling policies.  Responsibilities also include tracking and ensuring compliance with the program.
  • Manage regulatory compliance items for Radian's Security Assurance function, including SOX, NYDFS, GLBA, SOC2 reports, Internal Audit reports and other related compliance requirements.
  • Manage and respond to alerts from Radian's Data Leakage Prevention (DLP) Program.  Responsibilities include analysis of activity reported by the company’s DLP solution, and reporting results and metrics to key stakeholders.  He/she also executes the DLP incident investigation and response process for defined incident types.
  • Create metrics for the Security Assurance team, including operational metrics for compliance, security assessments, risks and other inputs.


Job Specifications

Knowledge:

  • Expert knowledge of the information security standards and frameworks including NIST CSF, CIS Critical Security Controls.
  • Excellent knowledge and experience with policy writing, definitions and enforcement.
  • Excellent knowledge of IT Security Assurance & GRC work including risk assessment programs and outputs.
  • Excellent knowledge of regulatory environment for a public financial services company that stores and processes Non-public Personal Information (GLBA, SOX, etc).
  • Working knowledge of Data Leakage Prevention (DLP) program objectives, technology and processes.  
  • Working knowledge of multiple security disciplines, such as network/perimeter security, system hardening, system policy enforcement, security incident & event monitoring, penetration testing, identity and access management, vulnerability & patch management.
  • General understanding of other relevant technologies:  Active Directory, Microsoft Windows 7/10, Server 2012/2016; RHEL 6/7; firewalls; load balancers, VDI, and related.


Skills and Abilities:

  • Experience in a large financial services or insurance organization
  • Ability to work independently with or without direction and/or supervision
  • Ability to prioritize and multitask in a high pressure and results-oriented environment
  • Ability to understand a range of IT disciplines, e.g. networking, operations, service desk, infrastructure/architecture, and application development.
  • Expert written and verbal communication skills with a focus on translating complex security/IT terms into plain English.  Focus on clarity and impact.
  • Proven project management skills.


Prior Work Experience

  • Technical:   3 - 5 years


Education and Credentials

  • Required:    Bachelor’s Degree,  Concentration in Business or technology
  • Other Certifications:   CISSP, SSCP, CISM, CISA, CRISC, CGEIT, or other

EEO Statement

Radian complies with all applicable federal, state, and local laws prohibiting discrimination in employment.  All qualified applicants will receive consideration for employment without regard to gender, age, race, color, religious creed, marital status, sexual orientation, national origin, ethnicity, ancestry, citizenship, genetic information, disability, protected veteran status or any other characteristic protected by applicable federal, state, or local law.


If you are a person with a disability and need assistance in the application process, please send an e-mail message to recruitment@radian.biz.