INFORMATION SECURITY ANALYST
Job Number : 10252
Job Location :
Job Category : Risk/Security
Job Type : Full Time
Old National Bank was established in 1834. Today we are the largest financial services holding company headquartered in Indiana . We provide an array of services to our clients which include Retail Banking, Investments, Wealth Management and Insurance. At Old National we believe that by helping our associates balance work life with home life, we create a more productive workforce and a stronger company. In 2012, we were named one of the World’s Most Ethical Companies by the Ethisphere TM Institute.
We have an opening in the Risk Management Department for an Information Security Senior Analyst.
An Information Security Senior Analyst is responsible for ensuring compliance with security laws and regulations affecting Old National (including GLBA, HIPAA, FFIEC, COSO, ISO, etc.), which includes performing ongoing risk assessments and controls testing.
· Conduct and perform secondary reviews to test adherence of the information security policy, program, and standards through timely review of organizational-wide controls, application SSAE 16s, application review, and control reviews. Assist management in the correction of issues where they exist.
· Perform SOX IT testing to ensure controls are adequate and operating effectively. Coordination with the SOX department to ensure testing properly covers the necessary scope. Assist Internal Audit in the correction of issues where they exist.
· Maintain oversight of the company’s information security policies, standards, procedures, security documentation and regulatory documentation. Work closely with departments outside Information Security (Network Security, Technical Services, Lending, Deposit Ops, etc) to assess company initiatives and maintain ONB’s Information Security policies, standards and procedures to ensure the risk of failed controls is reduced.
· Evaluate internal and external environment for threats, changes, etc related to Information Security and perform the role as Information Security subject matter expert to ensure these are properly addressed and controlled.
· Create materials and deliver Information Security awareness training program which will be utilized by all levels of associates of the company to better understand the information security risks to the company and the importance of an effective program.
· Assist in the preparation of committee and board reports.
· Create and maintain Information Security’s tracking and testing forms/tools used to ensure information security reviews are appropriately scoped, scheduled and reviewed.
- Assist in the investigation and reporting of any Information Security incidents.
· Bachelor’s degree in business or other technical disciplines required.
· 8 to 10 years experience with a working knowledge of information security standards (including GLBA, HIPAA, FFIEC, COSO, ISO, etc.), controls and procedures. Includes industry best practices and experience with performing information security risk and control assessments, as well as, regulatory and other requirements.
· Required: CISSP (Certified Information Systems Security Professional) or CISA (Certified Information Systems Auditor).
· Strong organizational, people management, communication and leadership skills.
· Ability to write executive level summary reports and effectively present information and respond to questions from executives, managers, business line, customers and the general public.
Diversity …Our differences enhance business performance.
Old National is an equal opportunity employer M/F/D/V. I ndividuals with disabilities, including disabled veterans and veterans with service-connected disabilities, are encouraged to apply.
We do not accept resumes from external staffing agencies or independent recruiters for any of our openings unless we have an agreement signed by the SVP Talent Acquisition Manager, to fill a specific position.