Job Description

Location Address: Hybrid - onsite 2-3x/week (ideally Tuesdays and Thursdays)
Contract Duration: 6 months
Possibility of Extension
Schedule Hours: 9am-5pm Monday-Friday; standard 37.5 hrs/week (Possible OT)
Story Behind the Need
Business group: U.S. Information Security and Control
This is a security advisory team that provides various security services across the enterprise, including assessing systems and their security posture, aligning technology into the network environment, supporting secure by design initiatives, and providing guidance to business lines on best practices and adhering to the bank's security standards.
Project: Project GENIE
Assessing the presence of DLPC (Data Loss Prevention Controls) on subsidiary applications within the LATAM region.
The Bilingual (English-Spanish) Security Advisor contractor is required to conduct residual risk assessments for applications handling bulk sensitive data, as part of deliverable #2.
Candidate Requirements/Must Have Skills:
1) 5+ years of hands-on technical working experience in performing security assessments on various platforms, network infrastructure and complex applications.
2) 3+ years of Experience with Threat Risk Assessments of applications hosted on premise, cloud, hybrid cloud and SaaS.
3) 5+ years of experience in security solution architecture, software development, and/or hands-on experience with implementations to various environments, knowledge of application security controls, including compensating controls and cloud-based security solutions
4) Deep understanding of DLP tooling and controls including enhanced monitoring and authentication standards.
5) Bilingual in Spanish
Nice-To-Have Skills:
1) prior experience using ServiceNow platform
2) You have solid knowledge of cloud technologies and cloud security (GCP or Azure or AWS)
3) security engineering, security architecture, and/or security risk based certifications (CISSP, CISM, CCSP, CRISC)
4) Familiar with industry standards and frameworks e.g., NIST 800-53, ISO 27001, ISO27002, ISO 27017, ISO27018, PCI DSS, CIS.
Soft Skills Required:

• You are a strong communicator and capable of creating clear documentation and communicating ideas to others
• You possess advanced communication (verbal/written/presentation) skills in English.

Education: Post-secondary education in Computer Science or in a related field.
Best VS. Average Candidate: The ideal candidate would be familiar with frameworks listed under nice to haves and would have solid knowledge of cloud security.
Candidate Review & Selection
2 rounds
1st round - HM - 30 mins - MS Teams Video (possible in-person interview)
2nd round - HM + Project Lead - MS Teams Video
#NIT001

Skills Required