Job Information
Jack Henry & Associates Information Security Risk Analyst, Sr. in United States
Information Security Risk Analyst, Sr.
General information
Press space or enter keys to toggle section visibility
JobID
15103
Position Level
Individual Contributor
Team
Business Operations
Working Time
Full-Time
Position Type
Regular
Workplace Type
Remote
Description & Requirements
Press space or enter keys to toggle section visibility
At Jack Henry, we deliver technology solutions that are digitally transforming and empowering community banks and credit unions to provide enhanced and streamlined user experiences to their customers and members. Our best-in-class products are just the start as we lay the groundwork for the future of digital banking and payments. We hope you’ll join us. We can’t do it without you.
Our growing Information and Cyber Security Team—responsible for ensuring our organization is protected and secure in all areas—is seeking a Senior Information Security Risk Analyst to join our team. This individual will assist with our risk and controls operations, particularly around third party cyber risk management. This is a highly collaborative role, working not just within the ICS team but across our broader cybersecurity and enterprise compliance operations, as well as serving as a subject matter expert to our clients for risk management questions. Because you’ll have your hands in so many things and be interacting with so many people in and out of our team, the potential to learn new things is unlimited!
This position can be based to work out of any Jack Henry office or remotely from any US location. Salary range for this position is $62,500-100,000, depending on candidate experience and geographic location.
What you’ll be responsible for:
Contribute to the development and ongoing management of Jack Henry’s information security risk management strategy.
Partner with senior leadership to evaluate existing security processes, address control gaps, and assess, monitor, and report on information security risks with potential organizational or compliance impacts.
Collaborate with information security control functions to align the identification, evaluation, and reporting of information security risks, developing a comprehensive view of risks.
Coordinate timely completion of security-related deliverables, issue resolution, and implementation of improvements, meeting all obligations.
Communicate key information security risks affecting business unit operations and provide insights on emerging risks and potential solutions to address gaps in risk coverage.
Evaluate third-party cyber risks against best practices and regulatory guidance related to vendor management.
Research, analyze, create, and maintain applicable Policies & Procedures.
Monitor changes to regulatory and compliance requirements, as well as industry frameworks, to ensure that the organization’s security policies and procedures remain up-to-date and compliant.
Coordinate audits, perform and monitor control testing, and ensure the effectiveness of security controls.
Maintain client documentation and respond to due diligence requests.
May perform other job duties as assigned.
What you’ll need to have:
A minimum of 4 years in any combination of: compliance, risk management, information security, corporate policy analysis, information technology, or corporate governance.
Experience working directly with information security teams.
Experience with NIST, PCI, FFIEC, and/or cloud security standards.
Experience providing written communication or reports in a professional setting.
Ability to travel up to 5% for team meetings.
What would be nice for you to have:
Bachelor's degree.
Experience working with compliance management systems.
Experience developing and enhancing third party cyber risk management programs within enterprise environments.
Certified Information Security Manager (CISM), Certified Risk Manager (CRM), Governance, Risk and Compliance Professional (GRCP) or other equivalent cybersecurity or risk management certification.
If you got this far, we hope you're feeling excited about this opportunity. Even if you don't feel you meet every single requirement on this posting, we still encourage you to apply. We're eager to meet motivated people who align with Jack Henry’s mission and can contribute to our company in a variety of ways.
Why Jack Henry?
At Jack Henry, we pride ourselves through our motto of, "Do the right thing, do whatever it takes, and have fun." We recognize the value of our associates and believe much of our company’s strength and success depends on their well-being. We demonstrate our commitment by offering outstanding benefit programs (https://jackhenry.avature.net/careers/LifeAtJH) to ensure the physical, mental & financial wellbeing of our people is always met.
Culture of Commitment
Ask our associates why they love Jack Henry, and many will tell you it is because our culture is exceptional. We do great things together. Rising to meet challenges and seeking opportunities is part of who we are as an organization. Our culture has helped us stay strong through challenging times and we credit our dedicated associates for our success. Visit our Corporate Responsibility (https://www.jackhenry.com/corporate-responsibility) site to learn more about our culture and commitment to our people, customers, community, environment, and shareholders.
Equal Employment Opportunity
At Jack Henry, we know we are better together. We value, respect, and protect the uniqueness each of us brings. Innovation flourishes by including all voices and makes our business—and our society—stronger. Jack Henry is an equal opportunity employer and we are committed to providing equal opportunity in all of our employment practices, including selection, hiring, performance management, promotion, transfer, compensation, benefits, education, training, social, and recreational activities to all persons regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, genetic information, pregnancy, marital status, sex, gender, gender identity, gender expression, age, sexual orientation, and military and veteran status, or any other protected status protected by local, state or federal law.
No one will be subject to, and Jack Henry prohibits, any form of discipline, reprisal, intimidation, or retaliation for good faith reports or complaints of incidents of discrimination of any kind, pursuing any discrimination claim, or cooperating in related investigations.
Requests for full corporate job description may be requested through the interview process at any time.