Job Actions

Job Information

Info Security Risk Analyst - #221811
DES MOINES IA 50312
Category: Banking
  • Your pay will be discussed at your interview

Job code: lhw-e0-89758697

Company Profile

Principal Financial Group

Contact Company


Local Information

Laugh while you Look

Sponsored Ads

Summary

  Job posted:   Thu May 17, 2018
  Distance to work:   ? miles
       
  1 Views, 0 Applications  
 
Info Security Risk Analyst - #221811

Job Area: ITBusiness Area: Individual LifeLocation: IA - Des MoinesCareer Category: Experienced ProfessionalFull/Part Time: Full-TimeRegular/Temporary: RegularDate Posted: 2018-05-15


Responsibilities



U.S. Insurance Solutions (USIS) is building a security team! Principal is looking for an Information Security Risk Analyst. This role offers an opportunity to join a security program protecting insurance customers.


The Information Security Analyst provides security expertise by consulting on: 1) define the security problem; 2) identify security requirements, 3) design potential solutions and mitigations; and 4) verify the solution meets the requirements. Responsibilities include:



+ Stay current on industry standards for information security technologies and controls.


+ Maintain expertise on the Secure Software Touchpoints and Knowledge Catalogs.


+ Touchpoint specific interactions may include:


+ Architecture Risk Analysis (ARAR)- Consult on technical or complex security concepts


+ Application Vulnerability Testing (AVA) - Explain vulnerabilities / mitigations techniques


+ Static Code Analysis (SCA) - Explain vulnerabilities / mitigations techniques


+ Code Reviews - Participate in code reviews offering security related feedback


+ Risk Based Security Tests - Explain common attacks and attacker's viewpoint


+ Abuse Cases - Consult on technical or complex security concepts; explain common attacks and attacker's viewpoint


+ Security Requirements - Consult on technical or complex security concepts


+ Security Operations - Participate in dialogs to gain operation's / provide application's security perspectives


+ Understand, communicate, and translate security concepts to team members


+ Maintain and document security decisions and directions to promote future consistency


+ Analyze business impact and exposure based on emerging security threats, vulnerabilities, risks and help to adjust overall security strategy accordingly.


+ Represent security while engaging with other technical teams and leaders throughout organization in design and implementation of secure solutions.


+ Works with engineering, infrastructure services and application development organizations to choose appropriate technology solutions and facilitates complete integration into the company environments.




Qualifications




+ Associate's or Bachelor's degree with a preference in a science, technology, engineering, or math related field or equivalent work experience (6 years of experience equates to an Associate's degree when defining "equivalent work experience")


+ 3+ years of relevant security consulting or industry experience



Additional preferred technical experience:



+ CISSP desired but not required


+ Understanding of cyber security concepts and the ability to design and execute appropriate solutions


+ Experience with identity and access management (IAM), account provisioning, virtual directory, role-based and attribute-based access control etc.


+ Experience in applying policies and procedure in designing security controls


+ Strong familiarity with NIST CSF, NIST 800-53, OWASP Top 10, and OWASP ASVS



Keys to success in this position:USIS is looking for an analyst who is results oriented, multi-disciplined, and experienced in designing and reviewing security solutions for critical business applications. The successful candidate possesses the excellent interpersonal and communication skills required to partner with other teams across USIS to identify opportunities, understand threats, develop and deliver solutions that support business strategies.



Employee Referral



Click on "Email to a Friend" to notify a friend or family member of this opportunity.



Learn more about our company!



As a member of Principal's global IT community, you are part of a high-performing culture that promotes employee empowerment, innovation, collaboration, and career development while fostering flexibility between professional and personal responsibilities. The work you do while partnering closely with the business puts our customers' needs first by shaping the financial security of millions of lives across the globe!


Principal was #18 on Computerworld's list of 100 Best Places to Work in IT 2017 making it 16 years in a row on the list! Click the link to read all about it.


And, if you have 2 minutes, you'll want to watch this video about our company:






Visa Sponsorship



This position is not eligible for sponsorship for work authorization by Principal. Therefore, if you will require sponsorship for work authorization now or in the future, we cannot consider your application at this time.



Job Level



Willing to consider applicants at multiple job levels.



AAEEO



Principal is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, gender identity, gender expression, pregnancy, national origin, citizenship status, disability, genetic characteristics, sexual orientation, marital status, domestic partner status, military status, protected veteran status, disability status or any other characteristic protected by law.



Interview Details



What's next? Innovation at its finest. We'll review your application and if you're selected for an interview, you'll receive an invite for an On-Demand Video interview. Haven't done that before, don't worry. We've got all the tips and tricks available to help you be successful. With an On-Demand Video Interview, you can add your own flair and personality - at your pace. Be sure to check your email frequently. We'll communicate our decisions through the email address used on your online profile. If you receive an email from Principal Talent Team, you've been selected to begin your video interview and have a set time to submit once you log in.


More Information »