Skip to navigation
Skip to main content
Skip to footer

Information Security Analyst- Sr (Policy and Governance) in Columbus at Huntington

Date Posted: 11/5/2018

Job Snapshot

Job Description

Brief Description:
Huntington's Information Security Governance and Communications team is responsible for the tracking and management of risks identified with Information Security stakeholders. The Information Security Analyst, Sr. is responsible for supporting the team by reviewing documentation, performing research, collecting metrics and senior management reporting. This individual will be also be responsible for collaborating with stakeholders to work through contract reviews and customer Information Security feedback. Candidate will work on multiple concurrent projects of varying degrees of complexity, as well as partner with Policy Governance on operational related tasks and perform other miscellaneous duties for Information Security as necessary. Approximately 5 to10% travel as required.
Detailed Description:
* Provide support for external and internal contract reviews and customer inquiries as necessary.
* Serve as a Subject Matter Expert (SMEs) for Information Security Governance and Communication.
* Plan, author and review Information Security policies.
* Develop and maintain Information Security standards and procedures.
* Translate ongoing Information Security public risks into messages for Huntington management and colleagues.
* Provide coaching and training to colleagues in support of continuous improvement efforts in the Information Security processes.
* Maintain a current awareness and understanding of appropriate consumer financial laws, regulations, internal policies and procedures, and to comply fully with those laws, regulations, policies and procedures.
* Participate in departmental initiatives, administrative matters, and special projects as assigned by the Information Security leadership team.
Basic Qualifications:
* Bachelor's degree
* Min 3 years of experience in information security, risk management, audit, consulting, or related compliance/risk role
Preferred Qualifications:
* Large public accounting firm audit or banking experience is preferred.
* Highly motivated, team player, self-starter and able to work independently. Demonstrated ability to take the initiative and achieve results in a fast-paced and dynamic environment.
* Mature understanding of information security "best practices" including principles, security protocols and standards material such as OWASP Top 10 and SANS/CIS Critical Security Controls.
* Familiarization with contractual reviews and negotiations and external responses to business partner inquiries.
* Strong organizational and research skills; proven attention to detail.
* Experience in process mapping, policy and procedure writing.
* Experience using Information Security risk frameworks and standards (NIST, FFEIC, ISO 27002, COBIT, PCI, SOC 1, SOC 2, BITS-SIG/AUP etc.) for assessing information security controls.
* Applied technical background associated with business information security, infrastructure and systems development.
* Excellent interpersonal, written and verbal communication skills with proven experience in expressing technical observations and opinions, in business terms.
* Strong teamwork and Project Management experience.
* Ability to work in a diverse, fast paced environment and collaborating with varying levels of management.
* Proficiency with MS Office.
* CISSP, CISM, CRISC, CISA, Security+ or like certifications a plus.
EEO/AA Employer/Minority/Female/Disability/Veteran/Sexual Orientation/Gender Identity Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details. Huntington does not accept solicitation from Third Party Recruiters for any position.