> > Hi, > > Please go through the requirement let me know if you have suitable > consultants. > * > *Title:* *Security Controls Analyst > Location: Salt Lake City, UT > Duration: 1 Year > Job Type: Contract > Start: Immediate > Rate: Open/hr > * > **Required Technical Capabilities: > *Following are essential capabilities: > - Financial Industry Regulatory requirements > - Practical knowledge and experience of risk management techniques and > practices (including security risk assessment) > - Practical knowledge and experience of information security principles > and tooling including encryption, PKI, authentication protocols/services, > privileged account management and role based access control > - Technical security engineering knowledge and experience > - Retains up-to-date knowledge of industry information security risk and > technology developments > - Knowledge of a broad range of technologies with the ability to quickly > grasp the security implications of new technologies and changes > - Specific skills in secure application development > - Excellent communicator – verbal and written > - Stamina and determination – A strong sense of initiative, a ‘can do’ > attitude and a deep drive to improve service quality > - Intellectually strong – Able to balance business and technical drivers > with excellent problem management skills > > Following are desirable additional technical capabilities: > - Specific skills in: > - Database security (Oracle, Sybase or SQL) > - Unix / Linux > - Active Directory > - LDAP and Kerberos / NIS / NIS+ > - Windows 2000/2003/XP > - Secure application development techniques > - IIS / Apache / Web server security > -.NET , ASP > - JAVA > - XML > - SSO / identity management > - PKI & encryption technologies > - Authentication mechanisms > - Firewall technologies > > *Qualifications: > *Following are essential capabilities: > - Bachelor’s Degree or equivalent experience in Information Technology > - Minimum one of the Industry certifications such as CISSP, CISA, CISM, > CEH, CGEIT or CRISC > - 5+ years experience in Information Security with minimum 3 years > hands-on experience in any of the security roles of Network, Operating > System, Application or Database administration combined with Risk > Assessment responsibility > - In-depth knowledge in Authentication, Cryptography, Secure Development, > Network Security and Operational Security > - Excellent problem solving, analytical, communication, organization, task > and time management skills > - Ability to work independently and as part of a team > - Technical documentation > > Following are desirable additional experience: > - Previous experience in a Financial Services firm a plus > - Business Presentation skills > > Perform regional testing activities based on the Technology Risk and > Controls Assessment (“RACA”) Framework > - Assess the adequacy and effectiveness of the 1st line of defense > controls by M&IB Americas Technology > - Coordinate and consolidate RACA test results by the SOx team and global > team. > - Ensure that the RACA framework is fit for purpose. > > *Key Responsibilities:- > *- Business Model: Ensure that the global RACA framework is effectively > implemented in the M&IB Americas Technology environment via control testing > activities. > - Governance: Create and maintain an effective and efficient governance > structure across M&IB Americas Technology, based on the principles of “Good > Corporate Governance”. Ensure that adequate governance exists over the > regional RACA testing program. > - Culture: Define, drive and shape the culture of the business to embed > strategic goals throughout all levels: client focus, high performance > business, strong control. > The RACA testing program will lead to a robust control culture in the M&IB > Americas Technology control environment. > Business Delivery and Financial Performance > Setting clear, measurable near term financial goals and deliverables > - Efficiency and Cost Management: Maintain a culture of cost consciousness > and operational excellence across the firm. Ensure remediation action plans > are cost effective. > Customer Expectations > Meeting and exceeding customer and stakeholder expectations > - Client Focus: Promoting client focus throughout communications and > client engagement. Ensure adequate understanding and consideration of the > control environment when performing testing activities. > - Customer Delivery: Deliver accurate and timely data required by > stakeholders to manage technology risk matter effectively. Communicate > clearly and timely with the stakeholders on risk issues identified. > - Reputation: Build, safeguard and uphold the reputation of RBS Group > across all stakeholders: investors, press, politicians, public, staff, > clients, etc. > - Regulatory Relations: Provide accurate and timely data requested by > regulators, industry associations, policy makers, etc in their reviews. > Document test results clearly and organize the test evidence collected to > enhance the understanding of the testing activities. > > Risk, Efficiency and Control > Setting clear goals, internal controls, risk management, business > efficiency, improvement and effectiveness > fLine of Defence: [Mandatory; 1st LD, 2nd LD or 3rd LD, use link to access > guidance as appropriate. e.g. All staff in the first line should add the > following] > 1st LD: To be accountable for owning and managing, within a defined risk > appetite, the risks which exist in your business area > - Establish and maintain risk assessments to identify and assess the > material risks that arise in their area of responsibility > - Comply with relevant Group Policies, testing and certifying the adequacy > and effectiveness of their controls on a regular basis > - Conduct Risk: [Mandatory]: To be accountable for ensuring you > understand, uphold and promote the Conduct Risk standard pillars: > - Employee Conduct > - Corporate Conduct > - Market Conduct > - Conduct Towards our Customers > - Risk Appetite and Business Quality: Ensure business is conducted within > its risk appetite which should include credit risk, conduct risk, > operational risk management, market risk management, reputational risk, > compliance, AML/KYC and business continuity management. > - Operating Disciplines and Controls: Establish and maintain operations, > controls, risk assessments and assurance programmes, monitoring of risk and > controls to identify, assess and manage any material risks which may > arise. Based on the tests completed, assess the quality of the control > environment of M&IB Americas Technology and provide input to the > semi-annual CEC process. > - Risk Culture: Set the tone from the top by promoting appropriate > business and risk aware behaviours and requiring compliance with all > statutory and regulatory requirements and RBS Group policies. > - EC Commitments: Receive and consider issues related to commitments in > the European Commission State Aid Deed for M&IB Americas Technology as > appropriate to the business > - Business Continuity: Ensure the business continuity process is > adequately understood and followed by the M&IB Americas Technology Audit > and Risk Management team. Participate in relevant business continuity > activities such as call-tree exercises > > Experience – What previous experience is required for the role? > Essential Desirable > - Control testing experience or equivalent experience in Information > Technology or Audit > - Interacting with personnel of all levels > - Experience of working within complex global organisations > - Experience of building relationships with key business > leaders and senior customers in Technology > - Complex technology control testing experiences > - Risk issues reporting experiences > > Technical Capabilities – What are the specific skills, knowledge and > abilities required for the role? > Essential Desirable > - Basic understanding of applications, database, operating systems and > network controls > - Project management expertise on driving tasks/projects to timely > completion > - Excellent communicator at group and individual level > - Excellent problem solving, analytical, verbal and written communication, > organization, task and time management skills > - Ability to search and find testing data through the understanding of key > systems and process > - Ability to understand and interpret policies and standards > - Strong Proficiency with all MS Office applications (especially > Excel) > - In-depth understanding of applications, database, operating systems and > network controls > - Knowledge of Infrastructure tools and systems architectures > - Understanding of the M&IB Americas Technology environment > - Knowledge of the 3LoD model > - Understanding of the M&IB Americas business and support functions > - Understanding of relevant Group policies and procedures > > Qualifications – What training or qualifications are required for the role? > Essential Desirable > - Bachelor degree in Computer Science / Information Technology / IT > Audit > - CISA > - CSSM > - CISP > > Best Regards, > * > **Praveen Kumar Gouribhatla > *Sr. Business Development Manager > Swift Solutions, Inc. > 4819 Emperor Blvd, Suite: 400, Durham, NC 27703 > Tel: 919-313-0888 | Fax: 732-782-0388 > Email: [email protected] > Linkedin: http://www.linkedin.com/in/gouribhatla > Gtalk | Yahoo: "Pundits.Recruiting" > Open Jobs: http://www.jobseekerstab.com > > *Swift Solutions Inc participates in E-Verify program of USCIS.*
-- You received this message because you are subscribed to the Google Groups "SAP ABAP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/sap-abap. For more options, visit https://groups.google.com/groups/opt_out.
