Skip to Main Content
← Back to Jobs

Senior Information Security Risk & Compliance Consultant - Cincinnati, OH/Remote

U.S. Bank Irvine, CA
  • Expired: September 11, 2019. Applications are no longer accepted.

U. S. Bank is seeking a Senior Information Security Risk and Compliance Consultant to support the adherence to information security controls and best practices by leading various initiatives for Information Security Insider Threat. The candidate will have a broad understanding of security controls, data loss prevention and Insider Threat prevention concepts, technical expertise, and can collaborate cross functionally to achieve mutual goals.

  • Facilitate SME discussions with various application owners to effectively document control design and operating effectiveness testing requirements and standards for the organization
  • Research and understand emerging IT risk factors and their impact on current control testing standards and/or documentation
  • Report and escalate issues appropriately and timely
  • Provide recommendation to leadership on program effectiveness and enhancements
  • Understand how to identify risks and gaps with people, process and technology and effectively prioritize objectives
  • Articulate implications of the risks relative to insider threats
  • Understand data and behaviors to identify problems from multiple angles and gather information, as well as be able to identify missing information/indicators needed to produce best results
  • Assist in building processes, procedures, and training for the Insider Threat program
  • Stay abreast of current technologies, developments, security compliance requirements, standards and industry trends to help achieve the goals of the department.
Preferred Skills/Experience:
The ideal candidate will have a well-rounded information security background including a strong understanding of IT risk management, information security controls, industry standards and best practices such as the NIST 800 series, NIST CSF, and ISO 27000 series. The candidate should understand and have experience with the security configuration, as well as various design controls, regulatory, legal and contractual requirements impacting financial institutions (e.g. GLBA, SOX, FFIEC, and PCI).
Additional preferred skills and experience relevant to the work include:
  • CERT Insider Threat course work/certifications
  • Industry certifications in the area of information security, project management and technology auditing including, CISSP, CISM, CGEIT, CISA, GIAC GSEC, and/or PMP
  • Excellent communication skills, both oral and in written
  • Skilled in leading and coordinating work efforts of other team members to meet tactical and strategic goals
  • Experience with program management and measurement through development and implementation of process efficiency and effectiveness measurements
  • Ability to analyze and articulate implications of compliance requirements
  • Skilled at communicating technical information to non-technical audiences and stakeholders at every level of the organization
  • Ability to build and maintain relationships across diverse technical and non-technical teams
  • Effective in communication with management and senior leadership, as well as internal & external auditors
Basic Requirements:
  • Bachelor's degree or equivalent work experience
  • 10 or more years of experience of information security
Preferred Skills:
  • Graduate/Master's level degree in the areas of business administration, information security, computer science, information technology management, technology auditing
  • Experience in risk and compliance management and process development in the areas of information technology and security
  • Highly skilled in developing executive-level presentations and strategies that include process diagrams and designs
  • Industry certifications in the area of information security, project management and technology auditing including, CISSP, CISM, CGEIT, CISA, GIAC GSEC, and/or PMP
  • IT Project Management
  • Understanding of financial industry legal, regulatory and compliance requirements for information security
  • Demonstrated leadership with teams/individuals and large/complex enterprise projects
  • ability to communicate cross functionally and at all levels
  • Proficient in MS Office tool suite including, Excel, PowerPoint, SharePoint and Visio
Job: Information Technology
Primary Location: Ohio-OH-Cincinnati
Shift: 1st - Daytime
Average Hours Per Week: 40
Requisition ID: 190025011
Other Locations: United States
U.S. Bank is an Equal Opportunity Employer committed to creating a diverse workforce.
U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors.

U.S. Bank


Irvine, CA
92604 USA