As long as there are people who make the world a better place, we’ll keep making a difference for them. Since 1918, it has been TIAA’s mission to serve those who serve others. It is this mission and the values we embrace that make us a different kind of financial services organization.
When you work here at TIAA, you’re not just in it for yourself. You are part of something bigger. A collective mission to make a difference – a collective mission we make our own.
To be difference makers.
For more information about TIAA, visit our website.
The Lead BISO Analyst is responsible for supporting the Business Information Security Officers (BISOs) in all aspects of the IT Risk and Security program in support of TIAA’s line of businesses. This position requires strong business relationship management, remediation governance, risk tracking, risk partner relationship management and business-focused risk remediation guidance.
KEY RESPONSIBILITIES AND DUTIES:
* Proactively develop, analyze and implement measures that ensure information security controls.
* Drive process or technology continuous improvements to support the strategic priorities across the BISO team and across Cybersecurity services.
* Collaborate with IT and business leaders to ensure key deliverables are met and teams work together to provide secure solutions.
* Perform risk assessments and report risks and remediation plans for TIAA lines of business.
* Develop and maintain strong business and technology relationships, becoming a trusted partner to the business units that they support.
* Partner with business and technology to complete their IT risk control agenda, leveraging internal resources and processes as appropriate.
* Partner with the rest of the Cybersecurity organization to ensure program consistency, develop information security risk strategies, implement action plans, and recommend policy and procedural changes for risk avoidance and mitigation.
* Provide subject matter expertise, guidance and direction into Information Technology policy, standards and controls and IT Risk programs.
* Provide subject matter consulting for ad hoc guidance requests involving IT risk.
* Communicate the practical implications of IT risk treatment decisions to business and technology individuals.
* Track risk mitigation activities to ensure accurate and appropriate reporting to ensure that leadership is informed in a timely manner.
* Build a culture and climate focused on the pro-active awareness of, and continuous improvement in, the technology risk environment.
* Minimum BA/BS degree.
* Minimum 7 years of work experience in Information Technology.
* Minimum 5 years of experience in a role specific to risk management, audit, OpsRisk or Information Security
- Financial Services experience desired.
* Excellent verbal and written communication skills enabling candidate to prepare and present to all areas of the business, including senior management Knowledge of industry-recognized information security-related standards such as ISO2700x, COBIT, PCI-DSS.
* Basic understanding of application, network, operating system, and core infrastructure security concepts and concerns including Public Cloud and Containers.
* Strong client relationship and leadership skills. Highly self-motivated/works independently.
* Proven ability to formulate strategies and plans and execute against objectives.
* Strong organization skills.
* Detail-oriented, committed to quality.
* Forward and creative thinking and planning.
* CISA, CISSP, CRISC certifications a plus.
Equal Employment Opportunity is not just the law, it’s our commitment. Read more about the Equal Employment Opportunity Law.
If you need assistance applying due to being visually or hearing impaired, please email Careers Help.
This organization is an equal employment opportunity (EEO) employer, dedicated to maintaining a work environment free of bias, harassment, discrimination and retaliation. As an EEO employer, this organization expressly prohibits discrimination, harassment, and retaliation on the basis of race, creed, ethnicity, color, age, religion, sex, sex stereotype, pregnancy (including childbirth, breastfeeding or related medical conditions where applicable), sexual orientation, gender, gender identity, gender expression, transgender, marital status, national origin, ancestry, physical or mental disability, requesting a reasonable accommodation based on mental or physical disability, medical condition (as defined by applicable law), genetic history and information, citizenship status, military or veteran status, or any other status protected by federal, state, or local law or ordinance or regulation (collectively referred to here as ‘protected characteristics’).
*©2016 Teachers Insurance and Annuity Association of America (TIAA), 730 Third Avenue, New York, NY 10017