BNY Mellon Careers
Sr.Spec'st Info Sec A'lyst
Information Security Engineer
The Information Security Engineer provides high level security and technical guidance to identify and assist in establishing practices and system configurations that ensure the safety of information systems assets and protect information systems from intentional or inadvertent access or destruction. Monitors and audits information systems activities and systems to confirm information security policy compliance and provides management with security policy compliance assessments and system monitoring reports. Identifies security vulnerabilities, associated risk, and mitigation strategies and provides recommendations to management.
· Provides technical expertise and support to client, and IT staff in risk assessments, implementation and operational aspects of appropriate information security procedures and products. Identifies regulatory changes that will affect information security policy, standards and procedures, and recommends appropriate changes. Maintains an awareness of existing and proposed security standard setting groups, State and Federal legislation and regulations and how they will affect the environment.
· Participates in the evaluation, development and implementation of security standards, procedures and guidelines for multiple platforms and diverse systems environment (e.g., company-wide, distributed, client server systems, and e-applications).
· Utilizes existing infrastructure security solutions and develops new security solutions to bridge infrastructure security area gaps. Performs website and server vulnerability scans and facilitates remediation
· Provides monthly reporting on security incidents and other metrics
· May assist with security architectural reviews on projects, applications and initiatives that ensure that corporate security policy, standards and guidelines are adhered to.
· Determine significant risk points and exercise process for risk assessment and risk acceptance.
· Evaluate, test and select security tools, evaluation products and control products.
· Reviews the development, testing and implementation of security plans, products and control techniques.
· Assist with annual SOX assessment and related remediation efforts
· Solid understanding of InfoSec principles and industry best practices in the information security
· Facilitates and consults with business and IT stakeholders in the remediation efforts of internal IT audits.
· Performs customer services tasks related to Infrastructure Security service requests
· Proxy server management and troubleshooting
· Coordinate with third party vendors for all activities, such as maintenance and service requests
· Facilitates security related IT projects
· Performs related information security tasks as assigned or requested, to help meet the overall mission and vision of information security.
• Strong working knowledge of information systems security standards and practices.
• Experience with one or more of the following: security monitoring, database security, policy & procedure, Active Directory, cryptography/PKI, application security assessments, risk assessments, security awareness, or related information security subject area.
• Possession of security certification(s): CISSP (highly preferred), SSCP, Security+, GSEC, MCSE, CISA, or CISM.
• Must be available on call 24x7x365 and able to quickly respond to problems affecting system security, occasionally requiring work outside normal business hours (i.e. evenings, weekends, or early mornings).
• Customer/Quality Focus
• Passionate about information security
• Self-starter and ability to work independently
• Exceptional communication skills both written and verbal
Sr. Specialist Information Security Analyst->> Consults with other IT areas and the businesses and provides professional support for major components of the company's information security infrastructure. Contributes to the development and implementation of security architecture, standards, procedures and guidelines for multiple platforms. Consults with the business and operational infrastructure personnel regarding new and existing technologies. Recommends new security tools to management and reports and provides guidance and expertise in their implementation. Reviews and analyzes complex data and information to provide insights, conclusions and actionable recommendations provides direction and guidance on reports and analyses and ensures recommendations are aligned with customer/business needs and capabilities. Ensures that all significant security concerns are addressed. Recommends course of action to mitigate risk and ensures that appropriate standards are established and published. Contributes to the achievement of area objectives. Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred, 8-10 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.
QualificationsBachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred, 8-10 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.
For over 230 years, the people of BNY Mellon have been at the forefront of finance, expanding the financial markets while supporting investors throughout the investment lifecycle. BNY Mellon can act as a single point of contact for clients looking to create, trade, hold, manage, service, distribute or restructure investments & safeguards nearly one-fifth of the world's financial assets. BNY Mellon remains one of the safest, most trusted and admired companies. Every day our employees make their mark by helping clients better manage and service their financial assets around the world. Whether providing financial services for institutions, corporations or individual investors, clients count on the people of BNY Mellon across time zones and in 35 countries and more than 100 markets. It's the collective ambition, innovative thinking and exceptionally focused client service paired with a commitment to doing what is right that continues to set us apart. Make your mark: bnymellon.com/careers.
BNY Mellon's Asset Servicing business is dedicated to dynamically supporting our clients' investments and safeguarding their assets, keeping them working around the clock and across the world. It's part of our commitment to being a true partner for our clients' investment success. We specialize in operational solutions and capabilities for today's market-enhancing management and administration of investments with services that process, monitor and measure investment data from around the world. By leveraging BNY Mellon's global footprint and deep expertise, we deliver insight-driven solutions for every phase of investing.
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer.
Minorities/Females/Individuals With Disabilities/Protected Veterans.
Primary Location: United States-Massachusetts-Wellesley
Internal Jobcode: 45155
Job: Asset Servicing
Organization: AS Eagle And Front Office-HR15484
Requisition Number: 1809898