Apply on Employer Site

American Savings Bank · 16 hours ago

Information Security Risk Analyst

Honolulu, HI

Full-time

Onsite

Mid Level

4+ years exp

American Savings Bank is committed to maintaining a robust information security program. The Information Security Risk Analyst will support the identification, assessment, and management of information security risks while ensuring compliance with relevant regulations and internal policies.

BankingBitcoinFinancial Services

H1B Sponsor Likely

Responsibilities

Works with IT and internal operations to ensure safeguarding of all confidential, proprietary, privileged, and protected information assets, including customer data. Monitors essential processes to ensure compliance with policies, standards, practices, and guidelines. Assists in verifying compliance with information security requirements of applicable laws, regulations, and Bank policies and procedures, including but not limited to GLBA, FACTA, PCI DSS, Anti-Money Laundering laws and regulations, Bank Secrecy Act, and USA PATRIOT Act

Develops and performs information security and vulnerability assessments, including testing of applications, systems, and infrastructure to ensure appropriate protection of sensitive customer and company information. Conducts risk analyses and recommends remediation for deficiencies. Tracks and assesses remediation(s) to ensure compliance with policies and operational standards

Performs information security risk management activities including information security risk assessments, vendor risk reviews, and monitoring remediation of identified gaps and issues

Develops reports on key program effectiveness metrics, including analytics for actionable insights

Ensures technical enforcement and effectiveness of internal security controls to maintain integrity of organizational networks, systems, and applications

Develops and conducts bank-wide/departmental information security training. Maintains current knowledge of evolving information security risks, particularly regarding cyber security, trends with risk mitigation tools, and changes to industry regulations affecting financial institutions

Recommends, maintains, develops, and revises all information security governance documentation

Builds and matures a culture focused on the proactive awareness and improvement of the information security risk environment

May occasionally work evening/night hours as needed to address critical situations

Qualification

Information security programsRisk management frameworksSecurity frameworks knowledgeAnalytical skillsInterpersonal skillsNetworking knowledgeGeneral IT ControlsCritical thinkingCommunication skillsSelf-motivated learner

Required

Minimum of four (4) years of the following experience: Direct experience in developing information security programs and assessing effectiveness of such programs, preferably within a financial services organization

Experience with risk management frameworks, internal controls, and risk concepts

Experience with information security frameworks and general areas of information security

Verified self-motivated learner bringing a sense of enthusiasm to a hands-on working environment, with the ability to independently research and develop solutions to unique challenges

Knowledge of risk management, business process design, and risk concepts with a background in financial, regulatory, information security, and/or enterprise risk management

Proven critical thinker with the ability to research, assess, and effectively communicate IT risks and develop, recommend, and monitor corresponding controls

Proven excellent interpersonal, verbal, and writing skills to clearly communicate to a diverse audience, with verified ability to build and maintain relationships across diverse technical and non-technical teams

Established acute analytical skills, including the ability to consolidate broad data sets from multiple sources, both internal and external, to identify patterns and/or risk factors

Verified knowledge and experience with a broad range of security frameworks and standards such as PCI, NIST, ISO 2700 series, etc. Knowledge of the SOX, Federal Financial Institutions Examination Council (FFIEC) and section 501(b) of the Gramm-Leach-Bliley Act

Ability to independently apply risk management concepts in various and novel situations to accurately identify, assess, and conclude on risks, while also determining alternatives or designing mitigating controls/activities

Preferred

Knowledge and experience with several networking, operating systems, platforms, client/server, web applications, and general information security technologies is a plus

Knowledge and experience with General IT Controls (GITC) and maturity models from various frameworks (SOX, FFIEC, CIS, etc.) is a plus

Company

American Savings Bank

Glassdoor3.5

American Savings Bank provides Personal Banking, Home Loans, Commercial Banking, Loans.

Founded in 1925

Honolulu, Hawaii, USA

1001-5000 employees

https://www.asbhawaii.com/

H1B Sponsorship

American Savings Bank has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2024 (1)

2023 (2)

2022 (2)

2021 (2)

2020 (3)