Credit One Bank Careers

AVP, Data Security Compliance & IT Auditing Manager in Las Vegas, NV at Credit One Bank

Date Posted: 11/2/2018

Job Description

Data Security:

  • Must possess a good understanding of IT, including hardware and software, with a focus on security and auditing processes and procedures
  • Manages a security program including policies & procedures and security awareness
  • Participates in design reviews for software and hardware projects with a focus on detecting security design flaws and adherence to security best practices
  • Ensures compliance with Gramm-Leach-Bliley Act (GLBA), FFIEC, PCI Standards and other regulatory requirements
  • Develops, maintains and enforces a Data Security Review to be used for all new and existing critical vendors
  • Performs Data Security Awareness training for all new employees and annually for all bank employees
  • Escalates any security or compliance issues and alerts to management
  • Helps define and support process improvements
  • Works with department heads to ensure security monitoring and best practices are being enforced
  • Designs and participates in security related incident responses. This includes but is not limited to developing policy and procedures and execution of incident response engagement procedures.
  • Full-time position with on-call responsibilities


Risk Management:

  • Good understanding of a Risk Management Model (e.g. Threats, vulnerabilities and controls)
  • Oversees annual review and revision of the risk management process
  • Prepares analysis of new technology deployed within the infrastructure, including hardware, software and functional processes, and determines the level of risk associated with each technology
  • Provide advice to development teams on how to achieve compliance with regulations and IT Policies & Procedures
  • Knowledge of the global IT Risk Regulatory Landscape
  • Knowledge of project and program management concepts and controls

Regulatory Examinations and Audit Oversight:

  • Stay abreast of new regulatory requirements and communicate to upper management
  • Must have experience working with federal examiners (e.g. FFIEC, OCC, SOX, FDIC, etc.)
  • Good working knowledge of requirements for GLBA, SOX and PCI
  • Ability to drive IT internal and third-party audits and regulatory examinations
  • Develop audit scope
  • Request RFPs and present to audit committee
  • Prepare request list items for pre-audit
  • Manage audit process
  • Manage and track recommendations and remediation efforts


Job Requirements

  • Must have 5+ years of experience in physical and logical security oversight
  • Experience with auditing processes, including network security, SDLC/Change Management and IT related functions
  • Experience in developing and maintaining a technology risk assessment process
  • Must have strong communication skills and ability to work individually, within a team and with other business groups
  • Experience or understanding of Disaster Recovery and Business Continuity initiatives
  • Must have ability to develop policies & procedures and communicate effectively in a one-on-one as well as a group environment
  • Understanding of federal and other regulatory requirements and the ability to keep current
  • Must be well versed in industry accepted IT control frameworks (e.g. SSAE16, SAS70 or ISO17799 audit reports)