DTS is looking for Data Security Analyst for our direct client in in Charlotte, NC. No third party C2C allowed. Candidates have to work directly with us on our W-2. Job Responsibilities Evaluate third party supplier risk information security controls and ensure they are aligned with Client internal standards Evaluate data at rest internal and determine if the appropriate data protection controls are in place Respond to requests to transmit data outside the firm and validate data protection controls are applied Apply corporate methodologies relating to information security as well as the Operational Risk Management Methodology and approaches Develop data protection control recommendations for use by Global Supply Chain, Information Protection and Risk Management, line of business personnel, and various risk councils within Client. Participate in developing quantitative risk models to assist with communicating and evaluating risk Enter and track findings in enterprise systems (e.g., Ariba, OpenPages) Participate in the development and improvement of assessment methodology and tools Maintain subject matter expertise in information security as well as supplier management Provide advice to Sourcing Consultants, Legal, etc. to on risk areas during contract negotiations Assess supplier controls in regards to the specific services they are providing to Client. Examples of analysis include Review data protection controls for data at rest, in-motion and in-use Review supplier policies, standards procedures Review supplier responses to supplier risk questionnaire and review all pertinent artifacts Review independent assessments conducted by risk and compliance organizations Assess supplier information technology general controls or review assessments thereof Discuss risk and controls with suppliers and Client risk managers to clarify as needed Conduct on-site supplier inspections of supplier controls Participate in quantitative analysis to evaluate risk Qualifications Experience in the banking industry preferably at a large bank holding company (BHC) Experience with SQL reporting and R-Coding Experience with Imperva and Titus tools to perform data scans for assigning data classification labels Understanding of federal banking guidelinesrequirements Knowledge of Information systems' security risks and controls Federal Financial Institutions Examination Council (FFIEC) guidance and work plans Recognized information security-related standards such as ISO2700x, COBIT, PCI-DSS Compliance aspects of GLBA, EU Data Protection Directive, Sarbanes-Oxley, and other relevant laws and regulations Industry certification preferred (e.g., CISSP, CISM) BSBA or equivalent experience required Ability to interact with a variety of internal and external people in a professional manner that creates confidence in hisher knowledge and abilities and helps foster mutually satisfactory resolution to risk gaps and issues Please forward your resume to Contact Karun 248-###-#### Associated topics: attack, idm, information assurance, information technology security, malicious, phish, security, security analyst, security officer, violation
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.