Shire Jobs

Mobile Shire Logo
Home View All Jobs (2,179,530)

Job Information

TIAA CW - Sr Information Security Gov & Risk Specialist in Denver, Colorado

This is a Non-Employee Contingent Worker Role providing services for TIAA’s family of companies and will be employed by TIAA's preferred 3rd Party Supplier. As a Non-Employee CW, perform a variety of moderately complex business planning, support, and project-related duties. Demonstrates an exceptional standard of quality and holds themselves accountable to achieving excellent results.

This role will sit onsite, likely in a hybrid capacity, at the location(s) listed in this posting.

The anticipated term of this engagement will be 6 months. This term could be extended based on company business needs.

CW-Cyber Security Analyst II

The Information Security Analyst participates in the development, communication, implementation, enforcement and monitoring of security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure or destruction. Under general supervision, this job is responsible for performing tests and monitoring security controls that prevent IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction of the organization's information systems and IT assets.

Key Responsibilities and Duties

  • Designs, tests and implements secure operating systems, networks and databases for the organization.

  • Performs difficult risk assessments and executes tests of data processing system to ensure functioning of data processing activities and security measures.

  • Conducts auditing of passwords, network based and Web application based vulnerability scanning, virus management and intrusion detection.

  • Conducts risk audits and assessments and provides recommendations for application design.

  • Analyzes system access logs, ensuring only permitted individuals have access to company information.

  • Monitors use of data files and regulates access to safeguard information in computer files.

  • Monitors current reports of computer viruses to determine when to update virus protection systems.

  • Reviews violations of computer security procedures and alerts managers of issues that arise.

Educational Requirements

  • University (Degree) Preferred

Work Experience

  • 2+ Years Required; 3+ Years Preferred

Physical Requirements

  • Physical Requirements: Sedentary Work

Career Level

6IC

Info Security Gov & Risk Specialist

Defines, enhances, and implements information security configuration controls, while ensuring consistent and effective information security administration procedures and processes.

Key Responsibilities and Duties

  • Review industry configuration safeguards and monitor compliance for infrastructure assets: databases, workstations, network, middleware, servers, cloud services, and mobile

  • Partners with multiple business stakeholders to drive work and monitor through completion

  • Analyze internal information security controls and convert control criteria and their severity into functional compliance scanning results

  • Create and support program governance documentation such as standard operating procedures, control assessments and training materials

  • Monitor industry security updates, technologies and best practices to improve security management

  • Generate metrics and reports in assigned functional business area to inform decisions on tactical issues that impact the business

  • Perform QA/QC activities to drive configuration management program maturity

  • Support remediation efforts through gap identification and action plan creation to operationalize scan results

  • Participates in various tool testing and validation efforts for on-prem and cloud scanning

Required Qualifications

  • Bachelor’s degree in IT or Cybersecurity

  • Experience with developing, customizing, reviewing and updating a wide range of enterprise security configuration baselines, with input from subject matter experts

  • Experience interpreting and applying CIS Benchmarks, DISA STIGs, SRGs , and has an awareness of the National Vulnerability Database (NVD) and Common Vulnerability Enumeration (CVE)

  • 1 year of direct experience working with teams in an agile and horizontal environment

  • Experience with remediation activities within Cybersecurity

  • Ability to translate the low-level security baseline requirements into security baselines

  • Ability to work independently to anticipate needs, support a changing landscape and willingness to act with minimal supervision

Preferred Qualifications:

  • Knowledge and understanding of technology operations/processes, as well as experience with evaluating technology-related risks and controls

  • Experience in working with the NIST 800 Special Publication series and providing guidance for risk management and security control implementation, including 800-53 and others.

  • Experience with one or more of the following technologies: Networking (including CISCO or Palo Alto); Operating Systems (including Windows Server, RedHat, or Linux); Cloud Services (including GCP, AWS, and Azure)

  • Ability to apply a technical skill set to research and document industry knowledge and best practices with established or newly released applicable security controls

  • Written and verbal communication skills: articulate and effective communicator and presenter, able to describe complex problems in both technical and business terms

  • Demonstrated experience learning new technologies

  • Experience with an Agile methodology

  • Knowledge of ServiceNow and Archer

Start Date: 24-Jun-2024

End Date: 31-Dec-2024

Travel Required: No

Anticipated Posting End Date:

2024-06-28

Base Pay Range: $30.91/hr. - $43.60/hr.

Actual base salary may vary based upon, but not limited to, relevant experience, time in role, base salary of internal peers, prior performance, business sector, and geographic location.

Equal Opportunity

We are an Equal Opportunity/Affirmative Action Employer. We consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other protected status.

Read more about the Equal Opportunity Law here (https://www.dol.gov/general/topics/posters) .

Accessibility Support

TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities.

If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team:

Phone: (800) 842-2755

Email: accessibility.support@tiaa.org

Privacy Notices

For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click here (https://www.tiaa.org/public/tiaa-nuveen-privacy) .

For Applicants of TIAA, Nuveen and Affiliates residing in California, please click here (https://www.tiaa.org/public/tiaa-nuveen-ca-privacy) .

For Applicants of Nuveen residing in Europe and APAC, please click here (https://www.tiaa.org/public/nuveen-eu-uk-privacy) .

TIAA started out over 100 years ago to help ensure teachers could retire with dignity. Today, many people who work at not-for-profits rely on our wide range of financial products and services to support and strengthen their financial well-being.

Privacy Notices

  • For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click here (https://www.tiaa.org/public/tiaa-nuveen-privacy) .

  • For Applicants of TIAA, Nuveen and Affiliates residing in California, please click here (https://www.tiaa.org/public/tiaa-nuveen-ca-privacy) .

  • For Applicants of Nuveen residing in Europe and APAC, please click here (https://www.tiaa.org/public/nuveen-eu-uk-privacy) .

  • For Applicants of Greenwood residing in Brazil (English), click here (https://www.tiaa.org/public/support/privacy/applicants-greenwood-privacy) .

  • For Applicants of Greenwood residing in Brazil (Portuguese), click here (https://www.tiaa.org/public/support/privacy/applicants-greenwood-portuguese-privacy) .

  • For Applicants of Westchester residing in Brazil (English), click here (https://www.tiaa.org/public/support/privacy/applicants-westchester-privacy) .

  • For Applicants of Westchester residing in Brazil (Portuguese), click here (https://www.tiaa.org/public/support/privacy/applicants-westchester-portuguese-privacy) .

Nondiscrimination & Equal Opportunity Employment

TIAA is committed to providing equal opportunity across all employment practices and we believe our employees have a right to a diverse and inclusive workplace.

EEO is the Law (https://assets.phenompeople.com/CareerConnectResources/TIAAGLOBAL/documents/22-088_EEOC_KnowYourRights-1688394514088.pdf)

Pay Transparency

Philadelphia Ban the Box (https://www.phila.gov/media/20210423160847/Fair-Chance-Hiring-law-poster.pdf)

DirectEmployers