Position Description

Information Security Analyst Sr.
Job Category: Information Technology
Employment Duration: Regular (Full-Time)
Job Location(s): Ewing, NJ; Yardley, PA

Cenlar is the nation’s leading mortgage loan subservicer. Our unique culture is defined by our core values of respect, trust, integrity and care. A promote-from-within philosophy and opportunities for continuous professional growth make Cenlar a great place to launch or boost your career.

The Information Security Analysts support the Corporate Security Program in the achievement, maintenance, and oversight of best practice and industry standard physical, cyber, and logical controls on all Cenlar computing resources. The Analysts may support Cenlar's technical information security program, including routine operational tasks, as well as security projects and technical security analysis needs. The Analysts assist in security assurance around the company’s use of third-party service providers and the appropriate transparency of the company’s technology and security control functions externally. This position ensures that the ongoing security control activities occur as defined and are operating effectively, and maintains evidence of compliance with the controls (RCSA, SOC, IA, OCC guidance, best practices).

Responsibilities:

Security Program

  • Acts as a Subject Matter Expert in access controls, access management, and access governance 
  • Works effectively in a matrix managed environment
  • Leverages tools / models such as Capability Maturity Model (CMM), pivot tables and representative dashboard metrics, Visio diagrams, PowerPoint, Excel macros
  • Supports the Director, Identity and Access Management in performing annual risk assessments (FFIEC AIBE, Cyber/FFIEC CAT, SOC testing, GLBA, Physical Security) as assigned
  • Conducts existing and identifies new security oversight reviews
  • Supports Cenlar’s internal audits, external audits, and exams for user access controls and supporting evidence
  • Participates in investigations of improper access, revoking access, and/or reporting violations
  • Communicates unresolved security exposures, misuse, or noncompliance situations to Corporate Security leadership
  • Recognizes and identifies potential areas where existing security policies, standards, and procedures require change, or where new ones need to be developed, and creates required documentation
  • Validates risks and issues and develops mitigation and remediation recommendations
  • Builds cross-functional relationships with business partners

Security Assurance

  • Assists the Manager, Information Security in compliance review engagements focused on or conducted by external entities, including vendors, clients, regulators, rating agencies and internal/external auditors
  • Assists in coordinating vendor assurance activities with Vendor Management as it relates to Information Security, Physical Security, Cybersecurity, and Business Continuity related controls and compliance efforts, to include visit coordination to all Tier 1 vendors and periodic site visits to Tier 2 vendors on a rotational basis
  • Serves as a secondary contact point or CSO interface with Client Relations for client due diligence and site visits
  • Assists in gathering information required by clients in support of Cenlar’s client due diligence efforts by providing necessary information and documentation prior to, during and following each client review engagement
  • Assists in providing oversight to security assurance activities handled by groups other than the Corporate Security Office, to ensure that strong controls are maintained while continuing to meet appropriate service levels
  • Establishes clear performance objectives and strives to meet objectives within agreed time frames, budgets or service levels
  • Ensures compliance with company policies, procedures, and regulatory requirements, and the accuracy and reliability of company data; confirms the adequacy of implemented security controls and helps identify necessary improvements
  • Assists in developing vendor Security Assurance program tools and a scorecard to be updated and presented either monthly or, at minimum, quarterly.
  • Assists in developing cost/benefit analysis or justification for any new Corporate Security expenditures as related to security assurance
  • Assists in Vendor Security Assurance to include the following:
    • Maintains the vendor due diligence process and framework in alignment with corporate Vendor Management program
    • Assists in reviewing and improving the vendor security assessment questionnaire and related processes
    • Conducts assessments, including on-site visits, whether initially for new potential vendors or on an ongoing basis, minimally annually, for existing vendors
    • Evaluates information, questionnaire responses and third-party reports
    • Assists in developing the vendor security assurance program tools and a scorecard to be updated and presented either monthly or, at minimum, quarterly
    • Assists in tracking findings by maintaining a comprehensive list of risks/findings documented by the CSO, ensuring the CSO schedules meetings with the business owners to review the risks and findings and put action plans in place while business relationship owners in turn coordinate reviews, request responses and obtain remediation plans from vendors, as appropriate
    • Assists in documenting efforts by vendors to reduce or eliminate risks identified in the security assessments where the business relationship owner works with the vendor and CSO to agree on acceptable remediation plans and timelines 
    • Assists in the training and support of other members of the company in all areas related to the Corporate Security Office programs
    • Acts as an advocate of security policies and procedures with all associates and external clients and business partners

Technical Security

  • Completes assigned tasks designed to ensure the security of the organization's systems and information assets and protects against unauthorized access, modification, or destruction
  • Works within the Corporate Security Office and with end users to determine needs of individual departments in order to implement policies and procedures, and assist in tracking compliance through the organization
  • Performs proactive analysis of the security environment to reduce the risk of systems compromise through unauthorized entry and/or activities performed by either external individuals or Cenlar associates
  • Monitors firewalls and intrusion prevention systems, system logs, and other systems for security related events on a regular basis, looking for signs of abuse or misuse
  • Assists in the investigation of anomalies and response to confirmed security incidents in line with incident response policies and procedures
  • Monitors security newsgroups, mailing lists, and postings for information on potential intrusions or security weaknesses where adjustments to the information security controls are warranted
  • Stays current on security technologies, techniques, and possible threats to Cenlar
  • Conducts assigned risk assessments or audits of existing or new systems to document areas of deficiency, opportunities for improvement and potential financial impacts. Works to implement improvements
  • Completes all assigned project tasks in accordance with project requirements and deadlines
  • Works with external audit or assessment teams to identify security related exposures for purposes of general controls improvement or obtaining or maintaining ratings or certifications
  • Utilizes security and vulnerability assessment tools internally and externally to identify network security weaknesses in order to recommend network or operating system enhancements
  • Supports penetration testing and/or vulnerability assessments of Cenlar systems to ensure that suspected or real vulnerabilities are identified, prioritized and remediated

Cyber Incident Response

  • Acts as a subject matter expert in cyber resilience and cyber/privacy incident response
  • Supports the Director, Cyber Incident Response in planning, protecting, detecting, responding and recovering from cyber and privacy incidents
  • Supports the Director, Cyber Incident Response in performing annual risk assessments related to Cyber and Privacy response (FFIEC AIBE, Cyber/FFIEC CAT, SOC testing, GLBA, Physical Security)
  • Coordinates and participates in recurring Table Top exercises to continuously test cyber resilience and find areas of improvement
  • Supports Cenlar’s internal audits, external audits for user access controls and supporting evidence
  • Participates in investigations of cyber and privacy incidents including ransomware, denial of service, improper access, revoking access, and/or reporting violations utilizing a variety of forensic tools
  • Communicates unresolved security exposures, misuse, or noncompliance situations to Corporate Security leadership
  • Recognizes and identifies potential areas where existing security policies, standards, and procedures require change, or where new ones need to be developed, and creates required documentation
  • Validates risks and issues and develops mitigation and remediation recommendations
  • Builds cross-functional relationships with business partners
  • This role will be interacting with and leading C-level and Sr. Leadership members
  • Acts as an advocate of security policies and procedures with all associates and external clients and business partners
  • Assists in the training and support of other members of the company in all areas related to the Corporate Security Office Resilience program
  • Assists in developing cost/benefit analysis or justification for any new Corporate Security expenditures as related to cyber/privacy incident response
  • Assists in developing the cyber resilience program KRI/KPI and generating a scorecard to be updated and presented either monthly or, at minimum, quarterly
  • Assists in tracking findings by maintaining a comprehensive list of risks/findings documented by the CSO, ensuring the CSO schedules meetings with the business owners to review the risks and findings and put action plans in place while business relationship owners in turn coordinate reviews, request responses and obtain remediation plans from vendors, as appropriate
  • Conducts assigned risk assessments or audits of existing or new systems to document areas of deficiency, opportunities for improvement and potential financial impacts
  • Assists in the investigation of anomalies and response to confirmed security incidents in line with incident response policies and procedures
  • Utilizes security and vulnerability assessment tools internally and externally to identify cyber resilience weaknesses in order to recommend enhancements
  • Supports penetration testing and/or vulnerability assessments of Cenlar systems to ensure that suspected or real vulnerabilities are identified, prioritized and remediated
  • Works effectively in a matrix managed environment
  • Completes all assigned project tasks in accordance with project requirements and deadlines
  • Monitors security newsgroups, mailing lists, and postings for information on potential intrusions or security weaknesses where adjustments to the information security controls are warranted
  • Stays current on security technologies, techniques, and possible threats to Cenlar
  • Stays abreast of current cybersecurity, privacy, risk best practices and maintains strong awareness of access management security concepts, practices, and procedures
  • Possesses mature leadership skills, including the ability to present technical concepts in layman’s terms
  • Appropriately assesses risk when business decisions are made, including but not limited to compliance and operational risk. Demonstrates consideration for Cenlar’s reputation as well as our clients, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues, as well as effectively supervising the activity of others and creating accountability with those who fail to maintain these standards

Qualifications:

  • Bachelor’s degree or equivalent experience
  • Master’s degree or professional certifications such as CISSP, CISM, GCIH, EnCase preferred
  • A minimum of 5 to 7 years of direct job experience in Security and Technology controls for Financial Services, preferably mortgage servicing or originations, in any of the following areas: Information Technology, Information Security, Risk & Compliance, and Audit
  • Direct experience supporting internal auditors, external auditors, and regulatory assessors (e.g., OCC, FRB, CFPB)
  • Stays abreast of current cybersecurity, privacy, risk best practices and maintains strong awareness of access management security concepts, practices, and procedures
  • Possesses mature leadership skills, including the ability to present technical concepts in layman’s terms
  • Experience with Black Knight MSP and with cloud concepts and technologies a strong plus
  • Experience and familiarity with Internet protocols, services and languages (TCP/IP, Telnet, FTP, HTML), MS-Windows, MS-Office, Linux, MS-SQL or other DBMSs, Visual Basic, C++/C#, PowerShell and/or other development or scripting languages
  • Must possess strong documentation skills for drafting and creating: policy, procedure, guidelines, and standards
  • Proficient in database structures, specifically creating tables and exports
  • Strong command of Security controls and processes, ensures compliance with associated standards (RCSA, IA, OCC)
  • Ability to solve problems and drive results without formal authority and with minimal oversight

Additional Requirements for Cyber Incident Response

  • Certifications in Azure, cloud technology, information security, and incident response preferred
  • Experience with forensic software required
  • Proficient in networking, firewalls, and DMZ concepts

Total Rewards:

At Cenlar, you’ll receive an outstanding benefits package that includes paid medical, dental, and life insurance, 401(k), and tuition assistance as well as opportunities for training and professional advancement.

Cenlar is a drug-free workplace and an equal employment opportunity/affirmative action employer M/F/D/V/SO.


 
