Summary
The Information Security Analyst reports to the CISO and is responsible for specific aspects of the security program including regulatory reporting, metrics/KPIs, training and awareness, security process integration and risk management.
Essential Duties & Responsibilities
- Proactively defend, detect, and eliminate security threats
- Gather, Report, and Analyze Information Security KPIs
- Advise on Risk Levels and Security Posture through Risk Management Framework
- Identify business processes requiring Information Security Integration
- Support the Design and Execution of Security Exercises
- Ensure Security Policies are aligned with other governing policies
- Provide subject matter expertise and full lifecycle management for installed security base.
- Participate in security projects from inception to implementation and provide post project support.
- Advise on projects delivering business solutions that impact information security risks and relevant compliance certifications.
Qualifications
- Proven ability in information security principles, processes, and tools, with current knowledge and awareness of the latest industry developments.
- Strong knowledge of NIST (800-53, CSF) and other information security frameworks.
- Understanding of financial services regulatory environment
- Experience with formal risk management.
- Very good analytical skills, logical thinking, diagramming capability.
- Strong and confident interpersonal and customer service skills; ability to interface with personnel from various departments and levels, both technical and non-technical.
- Excellent organizational skills. Ability to prioritize multiple tasks and meet deadlines. Attention to detail and commitment to excellence.
- Experience working in an ITIL-focused support organization with incident/request tickets.
- Ability to work flexible schedules including availability outside of normal working hours.
- Knowledge of data privacy regulations is a plus.
Education & Experience
- Minimum Required: Bachelor's degree in Information Technology, Computer Science or equivalent qualification in IT or Risk Management.
- Minimum Required: 3+ years in the IT industry
- Preferred: 1+ years of experience in an information security role
- Security+ or CySA+ preferred
Systems & Technology
- Experience using industry standard event logging platforms
- Solid skills with Windows Office Suite
About Stifel
Stifel is more than 130 years old and still thinking like a start-up. We are a global wealth management and investment banking firm serious about innovation and fresh ideas. Built on a simple premise of safeguarding our clients’ money as if it were our own, coined by our namesake, Herman Stifel, our success is intimately tied to our commitment to helping families, companies, and municipalities find their own success.
While our headquarters is in St. Louis, we have offices in New York, San Francisco, Baltimore, London, Frankfurt, Toronto, and more than 400 other locations. Stifel is home to approximately 9,000 individuals who are currently building their careers as financial advisors, research analysts, project managers, marketing specialists, developers, bankers, operations associates, among hundreds more. Let’s talk about how you can find your place here at Stifel, where success meets success.
At Stifel we offer an entrepreneurial environment and a comprehensive benefits package that includes health, dental and vision care, 401k, wellness initiatives, life insurance, and paid time off.
Stifel is an Equal Opportunity Employer.