Who is Cenlar?
Employee-owners have made Cenlar one of the nation’s largest mortgage subservicers. We have achieved success by empowering people with company ownership, real programs that provide avenues for advancement, and a great atmosphere that makes everyone look forward to the workday. Get your share of our success by considering the opportunity to join our team as a Sr. Security Program Analyst.
The Program Analyst supports the Corporate Security Program in achievement, maintenance, and oversight of best practice and industry standard physical, cyber, and logical controls on all Cenlar computing resources. This position ensures the on-going security control activities occur as defined, are operating effectively, and maintains evidence of compliance with the controls (RCSA, SOC, IA, OCC guidance, best practices). The Program Analyst identifies, presents, and supports implementation of control improvements, recommends process enhancements and automation opportunities to minimize manual control failures, creates documentation, and establishes associated metrics and reporting. The position supports security related projects through active participation, automation implementation and on-going support, and carries out the day-to-day oversight activities associated with user access controls and entitlements, supporting identity and access management best practices. This position has direct engagement with and is the point of escalation for user access administration functions that are aligned to 3rd party vendors or that do not fall under the direct control of the Corporate Security Office. The Analyst works closely with Information Technology, Internal Audit, and Compliance / Privacy.
- Acts as a Subject Matter Expert in access controls, access management, and access governance
- Works effectively in a matrix managed environment
- Leverages tools / models such as Capability Maturity Model (CMM), pivot tables and representative dashboard metrics, Visio diagrams, Powerpoint, Excel macros
- Supports the Director, Identity and Access Management in performing annual risk assessments (FFIEC AIBE, Cyber/FFIEC CAT, SOC testing, GLBA, Physical Security) as assigned
- Conducts existing and identifies new security oversight reviews
- Supports Cenlar’s internal audits, external audits, and examsfor user access controls and supporting evidence
- Participates in investigations of improper access, revoking access, and/or reporting violations
- Communicates unresolved security exposures, misuse, or noncompliance situations to Corporate Security leadership
- Recognizes, identifies potential areas where existing security policies, standards, and procedures require change, or where new ones need to be developed, and creates required documentation
- Validates risks and issues and develops mitigation and remediation recommendations
- Builds cross-functional relationships with business partners
- Bachelor’s degree required
- A minimum of 7+ years of direct job experience in Security and Technology controls for Financial Services, preferably mortgage servicing or originations, in any of the following areas: Information Technology, Information Security, Risk & Compliance, and Audit
- Direct experience supporting internal auditors, external auditors, regulatory assessors i.e. OCC, FRB, CFPB, etc.
- Stays abreast of current cybersecurity, privacy, risk best practices and maintains strong awareness of access management security concepts, practices, and procedures
- Possesses mature leadership skills, including the ability to present technical concepts in layman’s terms
- Experience with Black Knight MSP a strong plus
- Has direct experience with cloud concepts and technologies
- Must have a solid working knowledge of Active Directory / Azure Active Directory user access controls i.e. groups, attributes, etc.
- Must successfully obtain / maintain an industry recertification that aligns to Security, Compliance, Risk or Audit, or related agreed-upon discipline, within 18 months of movement into this position
- Must maintain active membership in at least one professional organization that directly aligns to technology security in Financial Services
- Must possess strong documentation skills for drafting and creating: policy, procedure, guidelines, and standards
- Proficient in database structures, specifically creating tables and exports
- Strong command of Security controls and processes, ensures compliance with associated standards (RCSA, IA, OCC)
- Ability to drive results without formal authority
Cenlar FSB offers outstanding benefits which may include paid medical/dental/life insurance, 401k, employee ownership, tuition assistance, a supportive work environment, and genuine opportunities for advancement. Cenlar is a Drug Free Workplace and an Equal Employment Opportunity/Affirmative Action Employer -- M/F/D/V/SO.
Visit www.cenlar.com for more details.
Please apply online.