BBVA Compass

  • It Security Analyst

    Posted Date 1 week ago(10/9/2018 2:09 PM)
    EOE Statement
    Equal Opportunity Employer - Minority/Female/Disability/Veterans.
  • Responsibilities

    Future of Banking

    At BBVA, we’re working to make banking better for everyone. That’s where you come in. We’re looking for smart, team-oriented people who want to be part of a first-class workforce that gives people the tools they need to meet their financial goals, all while delivering an outstanding client experience.


    Digital transformation is at the heart of BBVA. It’s how we will achieve our purpose to bring the age of opportunity to everyone. Our purpose reflects the bank’s role as a facilitator, offering customers the best banking solutions, helping them make the best financial decisions and making a real difference to their lives. We live in the age of opportunities where technology offers universal access to education and offers many more people than ever before the possibility of embarking on projects and pursuing their dreams.


    Are you a visionary?  Are you revolutionary?  Our Engineering teams are charged with reinventing the banking industry.  We are revolutionizing how banking is done today and how it will be done in the future.  Our team is made up of risk taking, intellectually curious, entrepreneurs who want to create the future of banking.  


    Learn more below.


    What you will be doing.

    • Provide compliance, risk, and controls expertise to support various IT Risk & Compliance initiatives and activities
    • Perform targeted compliance reviews on behalf of the IT Risk & Compliance department
    • Address audit related matters when needed, including oversight, internal facilitation, review and remediation efforts
    • Develop information security policies and standards to align with the policy framework
    • Develop technical and process related documentation, including operating procedures, control manuals, business requirement documents
    • Develop and maintain controls necessary to address regulatory, contractual and executive information security requirements
    • Participate actively in the risk management process
    • Develop internal compliance and risk dashboards
    • Perform remediation activities for non-compliance and monitor implementation progress (as necessary)
    • Routinely report on status of compliance initiatives and remediation activities
    • Engage with stakeholders cross organizationally to ensure IT Risk and Control issues or inquiries are properly addressed
    • Demonstrate entry level knowledge in ISO, COBIT or other information security / IT controls frameworks



    What you will bring:


    • BA/BS (or equivalent experience) required
    • 2+ years’ experience in IT, IT Audit, or equivalent risk management experience
    • Previous technical writing experience
    • Strong critical thinking and problem solving skills; knows when to escalate issues and risks to upper management
    • Strong communication skills – verbal, listening, written, and presentation
    • Strong technical skills (MS Powerpoint, Word, Excel, SharePoint, Project, Visio etc.)
    • Capable of working independently, as well as in team / collaborative settings


    • Demonstrate knowledge in ISO, COBIT or other information security / IT controls frameworks
    • Understanding of IT audit, compliance, and risk management methodologies and/or approaches
    • Basic understanding of present Information Security frameworks, risks, and industry/common technologies


    Preferred Skills:

    • Strong organizational skills; ability to balance multiple tasks simultaneously
    • Excellent interpersonal skills; comfortable dealing with a large span of people from middle tier management to Compliance Analysts
    • Strong relationship management skills; recognizes the benefit of investing in relationships
    • An excellent understanding of business ethics and the ability to keep sensitive information confidential
    • Strong technical writing skills

     Preferred Experience:

    • 2+ years of IT policy, controls, assessment and audit experience or equivalent
    • 2+ years of IT audit, governance, risk or compliance (GRC) experience or equivalent
    • Prior experience working within an IT organization, supporting enterprise level IT functions and processes required
    • Prior experience at Big 4 or comparable a plus

     Preferred Certifications & Training:

    • CISA – Certified Information Systems Auditor (or equivalent preferred)
    • CISSP – Certified Information Systems Security Professional (not required, but a plus)
    • ITIL, or ISO Training (preferred)


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.