Huntington National Bank Information Security Analyst- Sr (Policy and Governance) in Columbus, Ohio
Huntington's Information Security Governance and Communications team is responsible for the tracking and management of risks identified with Information Security stakeholders. The Information Security Analyst, Sr. is responsible for supporting the team by reviewing documentation, performing research, collecting metrics and senior management reporting. This individual will be also be responsible for collaborating with stakeholders to work through contract reviews and customer Information Security feedback. Candidate will work on multiple concurrent projects of varying degrees of complexity, as well as partner with Policy Governance on operational related tasks and perform other miscellaneous duties for Information Security as necessary. Approximately 5 to10% travel as required.
Provide support for external and internal contract reviews and customer inquiries as necessary.
Serve as a Subject Matter Expert (SMEs) for Information Security Governance and Communication.
Plan, author and review Information Security policies.
Develop and maintain Information Security standards and procedures.
Translate ongoing Information Security public risks into messages for Huntington management and colleagues.
Provide coaching and training to colleagues in support of continuous improvement efforts in the Information Security processes.
Maintain a current awareness and understanding of appropriate consumer financial laws, regulations, internal policies and procedures, and to comply fully with those laws, regulations, policies and procedures.
Participate in departmental initiatives, administrative matters, and special projects as assigned by the Information Security leadership team.
Min 3 years of experience in information security, risk management, audit, consulting, or related compliance/risk role
Large public accounting firm audit or banking experience is preferred.
Highly motivated, team player, self-starter and able to work independently. Demonstrated ability to take the initiative and achieve results in a fast-paced and dynamic environment.
Mature understanding of information security "best practices" including principles, security protocols and standards material such as OWASP Top 10 and SANS/CIS Critical Security Controls.
Familiarization with contractual reviews and negotiations and external responses to business partner inquiries.
Strong organizational and research skills; proven attention to detail.
Experience in process mapping, policy and procedure writing.
Experience using Information Security risk frameworks and standards (NIST, FFEIC, ISO 27002, COBIT, PCI, SOC 1, SOC 2, BITS-SIG/AUP etc.) for assessing information security controls.
Applied technical background associated with business information security, infrastructure and systems development.
Excellent interpersonal, written and verbal communication skills with proven experience in expressing technical observations and opinions, in business terms.
Strong teamwork and Project Management experience.
Ability to work in a diverse, fast paced environment and collaborating with varying levels of management.
Proficiency with MS Office.
CISSP, CISM, CRISC, CISA, Security+ or like certifications a plus.
EEO/AA Employer/Minority/Female/Disability/Veteran/Sexual Orientation/Gender Identity
Tobacco-Free Hiring Practice: To demonstrate our commitment to health and wellness, Huntington will not hire any candidate who uses tobacco or any nicotine product including, but not limited to, cigarettes, cigars, pipes, smokeless tobacco, chewing tobacco, snuff or snus, nicotine gum, the nicotine patch or any other kind of nicotine replacement product (where permitted by applicable state law). Candidates applying for positions in those states will be notified of this practice during the recruitment process and, if offered a position, will be screened for cotinine (to check for use of tobacco and/or nicotine products and/or nicotine replacement therapy products) before they begin employment. If the position to which you're applying is covered by this practice, the job application will provide greater detail as to what constitutes tobacco use.
Huntington does not accept solicitation from Third Party Recruiters for any position.