play

S&P Global Careers

Apply Now    
JobDescription :





Role:

This role will be responsible for creating, maintaining, implementing and enforcing policies, standards and procedures that support the Information Security organization.  The analyst will function as an integral member of the Information Security team and collaborate with various security, business, audit and IT teams in order to develop and execute a comprehensive Information Security Policies & Governance Program. 

The lead will ensure that security policies, standards, guidelines, communication programs provide comprehensive, coherent, implementable and repeatable processes.  Further, the analyst will assist in maintaining and evolving the necessary governance bodies to support Information Security working with the various S&P Global divisions.   The lead will provide risk assessments and monitor risk tolerance and appetite.  Finally, the lead will assist in regulatory responses, resulting management action plans and requisite follow-up.

 

Key Responsibilities:

  • Responsible for the creation and maintenance of Information Security policies, standards, guidelines and procedures.
    • Translate standard frameworks, recommendations from subject matter experts, and industry best practices into high-quality, coherent and implementable policies, standards and procedures. 

    • Harmonize content of new and updated artifacts with other enterprise policies and standards and security frameworks. 

    • Work closely with the divisions to effectively implement them.

  • Responsible for effectively communicating & highlighting content and roadmaps intended for varied audiences.

  • Collaborate with the Information Security and Risk Management teams on policy and governance related issues and concerns in order to develop update and measure effectiveness of policies, standards and procedures.
    • Create and maintain mechanisms for enforcing policies, procedures, etc. 

    • Ensure procedures and processes are relevant. 

    • Aid in integration with existing and new business processes. 

  • Collaborate with the Information Security team to integrate policies and standards related content into training & awareness programs. 

  • Establish the appropriate metrics and reporting to measure program effectiveness. 

  • Assist in formulating & enacting the necessary governance entities to support Information Security working with S&P Global divisions & Risk Management.  

  • Assist in formulating the risk framework for the group.  

  • Perform information security risk assessments, maintain the information security risk register, and assist in formulating risk tolerance and risk appetite in collaboration with the Chief Risk Officer’s office.  

  • Assist with regulatory responses, resulting management action plans and requisite follow-up.

  • Support other Information Security processes and projects as necessary. 

Qualifications

  • BS or MS - preferably in Computer Science with a concentration in Information Security.

  • Security and risk management certification (e.g. CRISC, CGEIT, CISSP, CISM, CRMA, CISO Certification – from an accredited institution)

  • 5+ years working with IT risk and/or security; prior information security and risk management experience in a financial services company.

  • Experience working in information security and demonstrable understanding of the concepts of information security.  Experience with information security risk assessments and audit.  Knowledgeable with Information Security laws and regulations.  Knowledgeable with Information Security control frameworks and standards. 

  • Experience with NIST 800-53 Rev. 4; ISO 27001/2/5 and OWASP are a plus.

  • Experience working with various financial regulatory entities (SEC, ESMA, FSA, MAS, et al) – a plus.

  • Excellent communication skills.  Ability to communicate with various levels of the organization including technical as well as non-technical audiences.  Great customer service and relationship management skills.  Skilled in executive level presentations and briefings.  Experience managing communication to internal customers.  

  • Demonstrated ability to think creatively while accounting for multiple perspectives in any given scenario.  Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change. 

  • Must be able to work independently and with minimal direct supervision.

  • Focused on how to best convey procedures and information clearly and concisely. 

  • Project Management experience is a plus.

  • Excellent time management, organizational, and decision-making skills.

  • Good judgment, tact, and decision-making ability.


About S&P Global

At S&P Global, we don’t give you intelligence—we give you essential intelligence. The essential intelligence you need to make decisions with conviction. We’re the world’s foremost provider of ratings, benchmarks and analytics in the global capital and commodity markets. Our divisions include:


    • S&P Global Ratings, which provides credit ratings, research and insights essential to driving growth and transparency.
    • S&P Global Market Intelligence, which provides insights into companies, markets and data so that business and financial decisions can be made with conviction.
    • S&P Dow Jones Indices, the world’s largest resource for iconic and innovative indices, which helps investors pinpoint global opportunities.
    • S&P Global Platts, which equips customers to identify and seize opportunities in energy and commodities, stimulating business growth and market transparency.

 

To all recruitment agencies: S&P Global does not accept unsolicited agency resumes. Please do not forward such resumes to any S&P Global employee, office location or website. S&P Global will not be responsible for any fees related such resumes.


S&P Global is an equal opportunity employer committed to making all employment decisions on the basis of merit, capability and equality of opportunity, and without regard to race/ethnicity, gender, pregnancy, gender identity or expression, color, creed, religion, national origin, age, disability, marital status (including domestic partnerships and civil unions), sexual orientation, military veteran status, unemployment status, or any other basis prohibited by federal, state or local law, or any other characteristic that has no bearing on a person’s ability to perform his or her job.
Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.

The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law.

Job ID :
227662
Posted On :
5-15-2017
Location :
Hightstown, NJ US
Apply Now