> > Hi, > > Please go through the requirement let me know if you have suitable > consultants. > * > *Title:* *Security Controls Analyst > Location: Salt Lake City, UT > Duration: 1 Year > Job Type: Contract > Start: Immediate > Rate: $45-50/hr C2C AI > * > **Required Technical Capabilities: > *Following are essential capabilities: > - Financial Industry Regulatory requirements > - Practical knowledge and experience of risk management techniques and > practices (including security risk assessment) > - Practical knowledge and experience of information security principles > and tooling including encryption, PKI, authentication protocols/services, > privileged account management and role based access control > - Technical security engineering knowledge and experience > - Retains up-to-date knowledge of industry information security risk and > technology developments > - Knowledge of a broad range of technologies with the ability to quickly > grasp the security implications of new technologies and changes > - Specific skills in secure application development > - Excellent communicator – verbal and written > - Stamina and determination – A strong sense of initiative, a ‘can do’ > attitude and a deep drive to improve service quality > - Intellectually strong – Able to balance business and technical drivers > with excellent problem management skills > > Following are desirable additional technical capabilities: > Specific skills in: > - Database security (Oracle, Sybase or SQL) > - Unix / Linux > - Active Directory > - LDAP and Kerberos / NIS / NIS+ > - Windows 2000/2003/XP > - Secure application development techniques > - IIS / Apache / Web server security > -.NET, ASP > - JAVA > - XML > - SSO / identity management > - PKI & encryption technologies > - Authentication mechanisms > - Firewall technologies > > *Qualifications: > *Following are essential capabilities: > - Bachelor’s Degree or equivalent experience in Information Technology > - Minimum one of the Industry certifications such as CISSP, CISA, CISM, > CEH, CGEIT or CRISC > - 5+ years experience in Information Security with minimum 3 years > hands-on experience in any of the security roles of Network, Operating > System, Application or Database administration combined with Risk > Assessment responsibility > - In-depth knowledge in Authentication, Cryptography, Secure Development, > Network Security and Operational Security > - Excellent problem solving, analytical, communication, organization, task > and time management skills > - Ability to work independently and as part of a team > - Technical documentation > > *Following are desirable additional experience: > *- Previous experience in a Financial Services firm a plus > - Business Presentation skills > > Perform regional testing activities based on the Technology Risk and > Controls Assessment (“RACA”) Framework > - Assess the adequacy and effectiveness of the 1st line of defense > controls by M&IB Americas Technology > - Coordinate and consolidate RACA test results by the SOx team and global > team. > - Ensure that the RACA framework is fit for purpose. > > > *Key Responsibilities: > *Strategic Progress > Developing and delivering strategic goals > - Business Model: Ensure that the global RACA framework is effectively > implemented in the M&IB Americas Technology environment via control testing > activities. > - Governance: Create and maintain an effective and efficient governance > structure across M&IB Americas Technology, based on the principles of “Good > Corporate Governance”. Ensure that adequate governance exists over the > regional RACA testing program. > - Culture: Define, drive and shape the culture of the business to embed > strategic goals throughout all levels: client focus, high performance > business, strong control. The RACA testing program will lead to a robust > control culture in the M&IB Americas Technology control environment. > Business Delivery and Financial Performance > Setting clear, measurable near term financial goals and deliverables > - Efficiency and Cost Management: Maintain a culture of cost consciousness > and operational excellence across the firm. Ensure remediation action plans > are cost effective. > Customer Expectations > > Meeting and exceeding customer and stakeholder expectations > - Client Focus: Promoting client focus throughout communications and > client engagement. Ensure adequate understanding and consideration of the > control environment when performing testing activities. > - Customer Delivery: Deliver accurate and timely data required by > stakeholders to manage technology risk matter effectively. Communicate > clearly and timely with the stakeholders on risk issues identified. > - Reputation: Build, safeguard and uphold the reputation of RBS Group > across all stakeholders: investors, press, politicians, public, staff, > clients, etc. > - Regulatory Relations: Provide accurate and timely data requested by > regulators, industry associations, policy makers, etc in their reviews. > Document test results clearly and organize the test evidence collected to > enhance the understanding of the testing activities. > > Risk, Efficiency and Control > Setting clear goals, internal controls, risk management, business > efficiency, improvement and effectiveness > - Line of Defense: [Mandatory; 1st LD, 2nd LD or 3rd LD, use link to > access guidance as appropriate. e.g. All staff in the first line should > add the following > 1st LD: To be accountable for owning and managing, within a defined risk > appetite, the risks which exist in your business area > - Establish and maintain risk assessments to identify and assess the > material risks that arise in their area of responsibility > - Comply with relevant Group Policies, testing and certifying the adequacy > and effectiveness of their controls on a regular basis > - Conduct Risk: [Mandatory]: To be accountable for ensuring you > understand, uphold and promote the Conduct Risk standard pillars: > - Employee Conduct > - Corporate Conduct > - Market Conduct > - Conduct Towards our Customers > > - Risk Appetite and Business Quality: Ensure business is conducted within > its risk appetite which should include credit risk, conduct risk, > operational risk management, market risk management, reputational risk, > compliance, AML/KYC and business continuity management. > - Operating Disciplines and Controls: Establish and maintain operations, > controls, risk assessments and assurance programmes, monitoring of risk and > controls to identify, assess and manage any material risks which may > arise. Based on the tests completed, assess the quality of the control > environment of M&IB Americas Technology and provide input to the > semi-annual CEC process. > - Risk Culture: Set the tone from the top by promoting appropriate > business and risk aware behaviours and requiring compliance with all > statutory and regulatory requirements and RBS Group policies. > - EC Commitments: Receive and consider issues related to commitments in > the European Commission State Aid Deed for M&IB Americas Technology as > appropriate to the business > - Business Continuity: Ensure the business continuity process is > adequately understood and followed by the M&IB Americas Technology Audit > and Risk Management team. Participate in relevant business continuity > activities such as call-tree exercises > > Experience – What previous experience is required for the role? > Essential/Desirable > - Control testing experience or equivalent experience in Information > Technology or Audit > - Interacting with personnel of all levels > - Experience of working within complex global organisations > - Experience of building relationships with key business leaders and > senior customers in Technology > - Complex technology control testing experiences > - Risk issues reporting experiences > > Best Regards, > * > **Praveen Kumar Gouribhatla > *Sr. Business Development Manager > Swift Solutions, Inc. > 4819 Emperor Blvd, Suite: 400, Durham, NC 27703 > Tel: 919-313-0888 | Fax: 732-782-0388 > Email: prav...@swiftsolinc.com > Linkedin: http://www.linkedin.com/in/gouribhatla > Gtalk | Yahoo: "Pundits.Recruiting" > Open Jobs: http://www.jobseekerstab.com > > *Swift Solutions Inc participates in E-Verify program of USCIS*
-- You received this message because you are subscribed to the Google Groups "SAP ABAP" group. To unsubscribe from this group and stop receiving emails from it, send an email to sap-abap+unsubscr...@googlegroups.com. To post to this group, send email to sap-abap@googlegroups.com. Visit this group at http://groups.google.com/group/sap-abap. For more options, visit https://groups.google.com/groups/opt_out.
