BNY Mellon Careers

Specialist Info Security Analyst - Cyber Compliance

Pittsburgh, Pennsylvania; Florham Park, New Jersey; New York, New York; Washington, District of Columbia; Jersey City, New Jersey
Information Technology


Job Description

BNY Mellon Technology has a mission to provide our business partners with technology-based solutions that enhance their ability to be successful through world-class software solutions maintained on a stable and secure infrastructure, and to provide our employees with the tools and means to enhance their professional qualifications and careers.     The Information Security Division (ISD) develops and maintains the enterprise cybersecurity strategy for BNY Mellon. ISD collaborates with its colleagues across all three lines of defense, including Technology Risk Management, Internal Audit and our businesses and information technology teams. Our emphasis on collaboration ensures the development and delivery of services that are responsive to the evolving threat landscape and drive value to our customers.      This position is with the Cyber Security Compliance Team, who guides cybersecurity activities within a defined risk framework and governance model. The key benefits are timely identification, prioritization and remediation of cybersecurity risks through assessing adherence to applicable US and international regulations and standards.  

Primary job duties to include:

  • Manages audit process for the Company as they relate to cybersecurity requirements. 
  • Respond to audit requests with supporting evidence as needed. 
  • Attend audit meetings and have the ability to contribute to discussions and determine relevant content as part of the audit scope.
  • Coordinate with auditors to ensure closure of finding. Assists cybersecurity service leaders in response to reports issued by auditors. 
  • Identify problems that are not consistent with past audits and begin to structure a solution or remedy to address issue(s).
  • Ability to manage to aggressive deadlines in time constrained situations.
  • Analyzes existing and proposed cybersecurity legislation, regulatory announcements, and industry practices, to determine gaps and impact to the cybersecurity program.
  • Conduct other cyber compliance duties as needed.
  •  Analyzes existing and proposed cybersecurity legislation, regulatory announcements, and industry practices, to determine gaps and impact to the cybersecurity program.
  • Manages compliance efforts for the Company as they relate to cybersecurity regulatory and policy requirements.
  • Coordinates with cybersecurity program managers to ensure compliance with legislation, regulatory announcements, industry practices, etc.
  • Respond to inquiries on cybersecurity regulations. 
  • Respond to audit requests with supporting evidence as needed.  Attend audit meetings and have the ability to contribute to discussions and determine relevant content as part of the audit scope.
  • Conduct other cyber compliance duties as needed.

 

Position Scope:

 

Specialist Information Security Analyst->> Maintains the effectiveness of enterprise-wide information security strategy including related programs, processes and initiatives. May allocate/coordinate work within a team/project. Assists in the development, implementation and enforcement of corporate-wide security policies, procedures and standards. Assists in consulting with the business and operational infrastructure personnel regarding new and existing technologies and appropriate security architectures, practices and procedures. Reviews and analyzes more complex data and information to provide insights, conclusions and actionable recommendations produces advanced reports, analyses, findings, etc. Works closely with IT infrastructure and software engineering applications development to ensure integrity of security procedures, systems, and policies. Works with developers to ensure proper completion of all risk assessments within policy and procedures. Contributes to the achievement of related teams' objectives. Bachelor's degree in computer science or a related discipline, or equivalent work experience required, 6-8 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.

Qualifications

  • Bachelor's degree in computer science or a related discipline, or equivalent work experience required.
  • 6-8 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.
  • Auditing or compliance experience preferred; financial services experience a plus; project management experience a plus.
  • Strong understanding of the application of industry best practices and relevant frameworks, such as NIST Cybersecurity Framework and ISO 27001 required
  • The following security certifications preferred, Certified Information System Auditor (CISA), Certified Risk Information Security Control (CRISC), Certified Information Systems Security Professional (CISSP), Certified Information Security Management (CISM) or, Certified in the Governance of Enterprise IT (CGEIT)
  • Experience communicating with senior leadership and auditors.
  • Experience managing audit process for the Company as they relate to cybersecurity requirements.
  • Ability to manage to aggressive deadlines in time constrained situations.
  • Demonstrated problem solving and analytical ability, and strong oral and written communication skills required.

#multipost



For over 230 years, the people of BNY Mellon have been at the forefront of finance, expanding the financial markets while supporting investors throughout the investment lifecycle. BNY Mellon can act as a single point of contact for clients looking to create, trade, hold, manage, service, distribute or restructure investments & safeguards nearly one-fifth of the world's financial assets. BNY Mellon remains one of the safest, most trusted and admired companies. Every day our employees make their mark by helping clients better manage and service their financial assets around the world. Whether providing financial services for institutions, corporations or individual investors, clients count on the people of BNY Mellon across time zones and in 35 countries and more than 100 markets. It's the collective ambition, innovative thinking and exceptionally focused client service paired with a commitment to doing what is right that continues to set us apart. Make your mark: bnymellon.com/careers.

Client Technology Solutions provides our business partners with client-focused, technology-based solutions. These enhance their ability to be successful through world-class software solutions and leading-edge infrastructure. Client Technology Solutions provides employees with the tools and resources to enhance their professional qualifications and careers.

BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer.
Minorities/Females/Individuals With Disabilities/Protected Veterans.


Primary Location: United States-Pennsylvania-Pittsburgh
Internal Jobcode: 45126
Job: Information Technology
Organization: Information Security-HR11724
Requisition Number: 1715536