Senior Security Compliance Analyst in Philadelphia, PA at Radian Group Inc

Date Posted: 10/1/2018

Job Snapshot

  • Employee Type:
    Full-Time
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
    10/1/2018

Job Description

Under the direction of the Vice President, the Sr. Security Compliance Analyst will act as a key member of the Compliance, Assurance and Risk team. The Sr. Security Compliance Analyst’s primary responsibilities are leading Radian’s financial sector compliance activities (SOX, NYDFS, FFIEC, GLBA) and aligning Radian’s policies and controls with industry standard best practices and frameworks (CSF, NIST, etc.). Additional duties include collaborating with Internal Audit to track assessments and findings. The Sr. Security Compliance Analyst may also participate in the implementation and/or execution of an information security risk management program as appropriate for Radian’s business model and risk appetite.

Primary Duties and Responsibilities:

  • Directly accountable for coordinating and delivering on Radian’s financial sector compliance activities. Must be familiar with how to interpret controls and suggest compensating mitigation strategies where applicable. Expected to drive efficiency by aligning frameworks with industry standards and frameworks. Map regulatory requirements across functions to identify compliance, audit response and customer diligence efficiencies. Ensure inventories of controls and administrative protection requirements are up to date and correctly implemented.
  • Coordinate and conduct Radian’s SOC2 control activities. 
  • Assist in the development and management of Radian’s security policies, standards, processes and procedures in coordination with key stakeholders. Mature and sustain a program to ensure that all governance artifacts are formally reviewed, approved & maintained, and outcomes are effective. Serve as lead on projects and initiatives to promote compliance with new or existing security policies. Coordinate issuance of information security awareness publications and courses to ensure the Radian community is aware of the company’s information security policies. Work with other organizational leaders to ensure information security policies continually comply with appropriate laws, regulations and overall corporate policy.
  • Assist in the implementation and maintenance of a comprehensive security risk management program.  Core duties are to execute and maintain a risk rating and prioritization plan to prioritize risk reduction and determine focused investments.  Conduct risk registration including tracking mitigation, compensating controls and acceptance.  Institute assurance process automation.
  • Assist the VP to grow and mature the information compliance, assurance, Internal Audit response and risk management capabilities at Radian.  Improve stakeholder confidence, maintain situational awareness, and ensure organizational alignment across the Information Security Architecture and Information Security Operations Teams.  Monitor the effectiveness of the information security program, recommend improvements, create actionable metrics and provide regular reports on status and activities.
  • Assist in development and maintenance of Radian’s information security strategy and roadmap that continually matures the company’s security program in alignment with the threat environment and Radian’s overall business goals.

Job Specifications:

Knowledge, Skills and Abilities:

Knowledge:

  • Expert knowledge of the information security standards and frameworks including NIST, CIS, CSF, and the Critical Security Controls.
  • Working knowledge of multiple security disciplines, including some of the following: policy definitions, controls frameworks and enforcement; network/perimeter security; system hardening; security event monitoring; vulnerability assessment and remediation; patch management; anti-virus; intrusion detection and response; forensics; encryption technologies; secure coding; physical security; identity and access management; ITAM; authentication and authorization; content monitoring & filtering; vulnerability & patch management; intrusion detection; managed threat detection and response; data loss prevention.
  • General understanding of other relevant technologies:  Active Directory, Microsoft Windows 7/10, Server 2012/2016; RHEL 6/7; firewalls; load balancers, VDI, and related.
  • Working knowledge of auditing standards and related frameworks including ITAF, ISO, COBIT, COSO.

Skills and Abilities:

  • Experience in a large financial services or insurance organization
  • Ability to work independently with or without direction and/or supervision
  • Ability to prioritize and multitask in a high pressure and results-oriented environment
  • Ability to understand a range of IT disciplines, e.g., networking, operations, service desk, infrastructure/architecture, and application development.
  • Expert written and verbal communication skills with a focus on translating complex security/IT terms into plain English. Focus on clarity and impact.
  • Proven project management skills

Prior Work Experience and Education:

  • Technical:
    • 5 - 8 years
  • Required:
    • Bachelor’s Degree
  • Other Certifications:
    • CRISC, CISA, PMI-RMP, CGEIT, CISSP, CIPP or similar.

EEO Statement

Radian complies with all applicable federal, state, and local laws prohibiting discrimination in employment.  All qualified applicants will receive consideration for employment without regard to gender, age, race, color, religious creed, marital status, sexual orientation, national origin, ethnicity, ancestry, citizenship, genetic information, disability, protected veteran status or any other characteristic protected by applicable federal, state, or local law.

If you are a person with a disability and need assistance in the application process please send an e-mail message to recruitment@radian.biz.