Indiana Stem Jobs

Mobile Indiana Career Connect Logo

Job Information

CNO Financial Group Sr Cybersecurity Governance Analyst in Carmel, Indiana

Job Description

The Sr. Security Governance Analyst is responsible for executing defined activities for security, privacy and risk. The role supports the application of security policies and standards across the company, including software engineering, finance, operations and IT. The role supports and enhances risk-based security governance processes within the company and ensure alignment with the internal security and business priorities, as well as external regulatory priorities. Annual projects and deliverables are established using company business goals and strategies, and communicated by the Sr. Director of IT Security, and the Director Strategy, Governance, Risk & Compliance.

Key Job Responsibilities and Accountabilities:

  • Demonstrates strong understanding of information technology systems, business processes, security regulation, risk management, and security vulnerabilities;

  • Identifies and evaluates complex technology risks, and internal controls which mitigate risks, and related opportunities for internal control improvement;

  • Participates in periodic and on-demand system audits, risk assessments, and third-party security reviews to ensure that business partners, applications, networks, and infrastructure components adhere to security policies and standards;

  • Performs Security Program assessments to determine adherence to Cybersecurity Strategy and business goals;

  • Develop, disseminate, and manage security metrics to be used in monitoring and improving the company’s security posture and decision-making;

  • Work jointly to maintain processes within and relevancy of the Governance, Risk, and Compliance (GRC) system;

  • Maintains currency of the risk register;

  • Understands and remains current on regulatory issue and practices;

  • Researches and evaluates current or emerging security technologies to support organizational cyber security objectives;

  • Advises on acceptable mitigating controls related to Policy and Standard Exceptions ensuring they are documented, including mitigating security controls, necessary approvals, and exception duration;

  • Performs periodic evaluations of CNO’s technical security standards against internal standards and industry best practices;

  • Performs IT risk related special projects and tasks; and

  • Completes all other duties as assigned.

Skills, Knowledge and Abilities:

  • Broad knowledge of security risk concepts and implications, and the ability to apply these concepts into a practical plan;

  • Excellent communication skills, both written and verbal, for interacting with leadership throughout the company;

  • Ability to drive for results while balancing multiple priorities and projects.

Education and Experience:

  • BA or BS degree in Information Systems, Computer Science, or other Business-related disciplinerequired

  • CISA, CISSP, CRISC, or other relevant Information Security certifications preferred

  • Typically a minimum of five to seven years of related experience

DirectEmployers