Senior Principal Cybersecurity Analyst, CAT
Financial Industry Regulatory Authority, Inc., Rockville, MD, United States
Senior Principal Cybersecurity Analyst, CAT page is loaded## Senior Principal Cybersecurity Analyst, CATlocations:
Rockville, MD (Job Posting)time type:
Full timeposted on:
Posted 3 Days Agojob requisition id:
R-009777The Senior Principal Cybersecurity Analyst in FINRA CAT is responsible for leading, supporting, and promoting the development, deployment, operation, monitoring, documentation, and oversight of cybersecurity controls and processes.**Essential Job Functions:*** Manages and communicates cybersecurity threats, risks, and state of controls to the Chief Information Security Officer (CISO) and stakeholders.* Implements and operates security controls and automation across multiple cybersecurity subdomains. Ensures security controls are well designed, effectively implemented, and aligned with organizational policies. Designs and implements automated solutions for efficiently managing cybersecurity risk including use of state-of-the-art tools and technologies such as generative AI to optimize risk management outcomes where appropriate.* Utilizes a variety of tools and resources to identify cyber security threats, vulnerabilities, configuration defects, and other deficiencies to determine root cause and manage remediation strategies and countermeasures.* Establishes and executes security processes and procedures across multiple cybersecurity domains, including but not limited to access management, risk management, and audit and compliance (include as relates to NIST SP 800).* Defines, enforces, and promotes information security policies and related governance artifacts and processes.* Ensures compliance with applicable regulatory and contractual requirements, including maintaining the artifacts and processes necessary for NIST SP 800 compliance.* Manages security vendor relationships; ensure vendors comply with contractual commitments. Typical examples include vendors support periodic penetration testing, red team exercises, and IV&Vs.* Demonstrates FINRA’s values.* Collaborates, both in-person and virtually, in furtherance of FINRA’s mission of investor protection and market integrity.**Education/Experience Requirements:*** Bachelor’s degree in computer science, computer engineering, cybersecurity, or technical field preferred and a minimum of eight (8) years of related experience.* Experience in multiple cybersecurity domains appropriate to the job description, including designing, implementing, operating, monitoring, and assessing security controls for cloud-based systems such as AWS required.* Substantial experience designing, implementing, and operating a variety of tools and resources to identify cyber security threats, vulnerabilities, configuration defects, and other deficiencies to determine root cause and manage remediation strategies and countermeasures.* Hands-on coding experience desired, especially as applied to creating tools and automation to customize, optimize, and enhance security controls.* Understanding of common cybersecurity vulnerabilities and attack patterns and ability to explain how they are both exploited and countered.* Experience supporting compliance with security frameworks, especially NIST 800, desirable.* Must demonstrate intellectual curiosity and attention to detail, with strong verbal and written communication skills**Working Conditions:*** Hybrid work environment, with defined in-person presence requirements.* Occasional travel and extended hours may be required.For work that is performed in CO, FL, TX, IL, PA, MA, MD, VA, Washington, DC, NY and NJ, please refer to the chart below for the salary range for the corresponding location. FINRA complies with all state and local pay transparency laws and regulations requiring the disclosure of salary ranges for the position. In addition to location, actual compensation is based on various factors, including but not limited to, the candidate’s skill set, level of experience, education, and market considerations. CO/FL/TX: Minimum Salary $111,400, Maximum Salary $202,100IL/PA: Minimum Salary $122,800, Maximum Salary $222,400
MA/MD/VA/Washington, DC: Minimum Salary $128,000, Maximum Salary $232,500NY/NJ: Minimum Salary $128,000, Maximum Salary $242,600#LI-Hybrid**To be considered for this position, please submit an application.**
**Applications are accepted on an ongoing basis.***The information provided above has been designed to indicate the general nature and level of work of the position. It is not a comprehensive inventory of all duties, responsibilities and qualifications required.****Please note: If the “Apply Now” button on a job board posting does not take you directly to the FINRA Careers site, enter www.finra.org/careers***Employees may be eligible for a discretionary bonus in addition to base pay. Non-exempt employees are also eligible for overtime pay in accordance with federal, state, or local law. As part of its dedication to employee wellness, FINRA provides comprehensive health, dental and vision insurance. Additional insurance includes basic life, accidental death and dismemberment, supplemental life, spouse/domestic partner and dependent life, and spouse/domestic partner and dependent accidental death and dismemberment, short- and long-term disability, long-term care, business travel accident, disability and legal. FINRA offers immediate participation and vesting in a 401(k) plan with company match and eligibility for participation in an additional FINRA-funded retirement contribution, tuition reimbursement, commuter benefits, and other benefits that support employee wellness, such as adoption assistance, backup family care, surrogacy benefits, employee assistance, and wellness programs.Time Off and Paid Leave\*FINRA encourages its employees to focus on their health and wellness in many ways, including through a generous time-off program of 15 days of paid time off, 5 personal days and 9 sick days, unless otherwise required by law (all pro-rated in the first year). Additionally, we are proud to support our communities by providing two volunteer service days (based on full-time schedule). Other paid leave includes military leave, jury duty leave, bereavement leave, voting and election official leave for federal, state or local primary and general elections, care of a family member leave (available after 90 days of employment); and childbirth and parental leave (available after 90 days of employment). Full-time employees receive nine paid holidays.\*Based on full-time schedule**Important Information**FINRA’s Code of Conduct imposes restrictions on employees’ investments and requires financial disclosures that are uniquely related to our role as a securities regulator. FINRA employees are required to disclose to FINRA all brokerage accounts that they maintain, and those in which they control trading or have a financial interest (including any trust account of which they are a trustee or beneficiary and all accounts of a spouse, domestic partner or minor child who lives with the employee) and to authorize their broker-dealers to provide FINRA with duplicate statements for all of those accounts. **All of those accounts are subject to the Code’s investment and securities account restrictions, and new employees must comply with those investment restrictions—including disposing of any security issued by a company on FINRA’s Prohibited Company List or obtaining a written waiver from their Executive Vice President—by the date they begin employment with FINRA. Employees may only maintain securities accounts that must be disclosed to FINRA at one or more securities firms that provide an electronic feed (e-feed) of data to FINRA, and must move securities accounts from other securities firms to a firm that provides an e-feed within three months of beginning employment.**You can read more about these restrictions .As standard practice, employees must also execute FINRA’s Employee #J-18808-Ljbffr
Rockville, MD (Job Posting)time type:
Full timeposted on:
Posted 3 Days Agojob requisition id:
R-009777The Senior Principal Cybersecurity Analyst in FINRA CAT is responsible for leading, supporting, and promoting the development, deployment, operation, monitoring, documentation, and oversight of cybersecurity controls and processes.**Essential Job Functions:*** Manages and communicates cybersecurity threats, risks, and state of controls to the Chief Information Security Officer (CISO) and stakeholders.* Implements and operates security controls and automation across multiple cybersecurity subdomains. Ensures security controls are well designed, effectively implemented, and aligned with organizational policies. Designs and implements automated solutions for efficiently managing cybersecurity risk including use of state-of-the-art tools and technologies such as generative AI to optimize risk management outcomes where appropriate.* Utilizes a variety of tools and resources to identify cyber security threats, vulnerabilities, configuration defects, and other deficiencies to determine root cause and manage remediation strategies and countermeasures.* Establishes and executes security processes and procedures across multiple cybersecurity domains, including but not limited to access management, risk management, and audit and compliance (include as relates to NIST SP 800).* Defines, enforces, and promotes information security policies and related governance artifacts and processes.* Ensures compliance with applicable regulatory and contractual requirements, including maintaining the artifacts and processes necessary for NIST SP 800 compliance.* Manages security vendor relationships; ensure vendors comply with contractual commitments. Typical examples include vendors support periodic penetration testing, red team exercises, and IV&Vs.* Demonstrates FINRA’s values.* Collaborates, both in-person and virtually, in furtherance of FINRA’s mission of investor protection and market integrity.**Education/Experience Requirements:*** Bachelor’s degree in computer science, computer engineering, cybersecurity, or technical field preferred and a minimum of eight (8) years of related experience.* Experience in multiple cybersecurity domains appropriate to the job description, including designing, implementing, operating, monitoring, and assessing security controls for cloud-based systems such as AWS required.* Substantial experience designing, implementing, and operating a variety of tools and resources to identify cyber security threats, vulnerabilities, configuration defects, and other deficiencies to determine root cause and manage remediation strategies and countermeasures.* Hands-on coding experience desired, especially as applied to creating tools and automation to customize, optimize, and enhance security controls.* Understanding of common cybersecurity vulnerabilities and attack patterns and ability to explain how they are both exploited and countered.* Experience supporting compliance with security frameworks, especially NIST 800, desirable.* Must demonstrate intellectual curiosity and attention to detail, with strong verbal and written communication skills**Working Conditions:*** Hybrid work environment, with defined in-person presence requirements.* Occasional travel and extended hours may be required.For work that is performed in CO, FL, TX, IL, PA, MA, MD, VA, Washington, DC, NY and NJ, please refer to the chart below for the salary range for the corresponding location. FINRA complies with all state and local pay transparency laws and regulations requiring the disclosure of salary ranges for the position. In addition to location, actual compensation is based on various factors, including but not limited to, the candidate’s skill set, level of experience, education, and market considerations. CO/FL/TX: Minimum Salary $111,400, Maximum Salary $202,100IL/PA: Minimum Salary $122,800, Maximum Salary $222,400
MA/MD/VA/Washington, DC: Minimum Salary $128,000, Maximum Salary $232,500NY/NJ: Minimum Salary $128,000, Maximum Salary $242,600#LI-Hybrid**To be considered for this position, please submit an application.**
**Applications are accepted on an ongoing basis.***The information provided above has been designed to indicate the general nature and level of work of the position. It is not a comprehensive inventory of all duties, responsibilities and qualifications required.****Please note: If the “Apply Now” button on a job board posting does not take you directly to the FINRA Careers site, enter www.finra.org/careers***Employees may be eligible for a discretionary bonus in addition to base pay. Non-exempt employees are also eligible for overtime pay in accordance with federal, state, or local law. As part of its dedication to employee wellness, FINRA provides comprehensive health, dental and vision insurance. Additional insurance includes basic life, accidental death and dismemberment, supplemental life, spouse/domestic partner and dependent life, and spouse/domestic partner and dependent accidental death and dismemberment, short- and long-term disability, long-term care, business travel accident, disability and legal. FINRA offers immediate participation and vesting in a 401(k) plan with company match and eligibility for participation in an additional FINRA-funded retirement contribution, tuition reimbursement, commuter benefits, and other benefits that support employee wellness, such as adoption assistance, backup family care, surrogacy benefits, employee assistance, and wellness programs.Time Off and Paid Leave\*FINRA encourages its employees to focus on their health and wellness in many ways, including through a generous time-off program of 15 days of paid time off, 5 personal days and 9 sick days, unless otherwise required by law (all pro-rated in the first year). Additionally, we are proud to support our communities by providing two volunteer service days (based on full-time schedule). Other paid leave includes military leave, jury duty leave, bereavement leave, voting and election official leave for federal, state or local primary and general elections, care of a family member leave (available after 90 days of employment); and childbirth and parental leave (available after 90 days of employment). Full-time employees receive nine paid holidays.\*Based on full-time schedule**Important Information**FINRA’s Code of Conduct imposes restrictions on employees’ investments and requires financial disclosures that are uniquely related to our role as a securities regulator. FINRA employees are required to disclose to FINRA all brokerage accounts that they maintain, and those in which they control trading or have a financial interest (including any trust account of which they are a trustee or beneficiary and all accounts of a spouse, domestic partner or minor child who lives with the employee) and to authorize their broker-dealers to provide FINRA with duplicate statements for all of those accounts. **All of those accounts are subject to the Code’s investment and securities account restrictions, and new employees must comply with those investment restrictions—including disposing of any security issued by a company on FINRA’s Prohibited Company List or obtaining a written waiver from their Executive Vice President—by the date they begin employment with FINRA. Employees may only maintain securities accounts that must be disclosed to FINRA at one or more securities firms that provide an electronic feed (e-feed) of data to FINRA, and must move securities accounts from other securities firms to a firm that provides an e-feed within three months of beginning employment.**You can read more about these restrictions .As standard practice, employees must also execute FINRA’s Employee #J-18808-Ljbffr