Prudential’s is seeking an Information Security Senior Associate to support the GBTS Business Information Security Office (BISO). The ideal candidate will be a driven, self-motivated and highly articulate individual who can complete tasks with little supervision. You must be versatile enough to engage in multiple ongoing activities on the BISO team and have the interpersonal skills to collaborate with personnel from other departments within the company. You must also have a basic knowledge of information security & risk mitigation in order to fully carry out their responsibilities.
Responsibilities include, but are not limited to, the following:
Onboarding new applications for security administration processes such as provisioning, termination/transfer management and periodic access recertifications. This will require extensive collaboration with the individuals who own the IT resource and our security administration team to ensure processes are adequately designed and configured.
Execute recertification program including managing the recertification schedule to ensure that access reviews are conducted in a timely and efficient manner. This responsibility will include providing support to those involved in the recertification process.
Perform monitoring of privileged access to resources such as applications, systems, servers, desktops, internet filter groups and any other resources that are deemed necessary for monitoring.
Execute on Security Awareness program within GBTS that includes planning for the full year and execution on the plan. The program will include developing draft awareness content and ensuring that adequate reviews are conducted prior to distribution of awareness artifact.
Perform security assessment reviews of systems within GBTS in support of our Application Security Risk Assessment & System Security Assessment program. This will include follow up on any observations raised as part of the assessments.
Participate in vendor governance reviews including reviewing answers to questions provided by vendor, formulating follow-up question and managing issues/observations that require remediation by the vendor or by the Prudential vendor engagement.
Execute Data Loss Prevention program including monitoring of incidents identified within our DLP system, escalating incidents, as needed, and evaluating the effectiveness of our DLP policies on a continuous basis.
Manage all of our SOPs including facilitation of reviews with BISO team process owners and ensuring that all processes have necessary SOPs.
Bachelor's degree in Information Technology, any related field or equivalent work experience required
Three to five years of professional experience in the information security or IT risk management discipline
Information Technology or Risk Management certification (CISSP, CISA, CISM, CRISC) or progress in achieving certification
Solid knowledge of information technology / processes such as DLP, Third Party Risk, Access Recertification, Service Accounts, etc.
Strong organizational skills and should be able to articulate complex risk and controls