BBVA Compass

Security Analyst

Job ID
FLSA Status


Future of Banking

At BBVA, we are working to make banking better for everyone. That is where you come in. We are looking for smart, team oriented people who want to be part of a first-class workforce that gives people the tools they need to meet their financial goals, all while delivering an outstanding client experience.


Learn more below.


What will you be doing?


  • The  Security Analyst will be an integral part of the Security Architecture team which is responsible for enterprise security architecture and strategy.
  • We are responsible for reviewing, designing and advising application teams regarding the implementation of security standards into the SDLC.  
  • The security architecture team supports the Application Security team in analyzing and providing remediation guidance for vulnerabilities within software applications and systems using a variety of tools and methodologies
  • As a member of security architecture, you will be required to provide input into the design for applications
  • As a part of this team, you will assist with the development of the security architecture program which meets regulatory requirements and aligns with industry security practices.
  • We regularly create advisory and strategy documents, conduct proof-of-concept evaluations, and determine optimal ways of integrating technology into new and existing processes
  • We must apply and determine the impact of the introduction of new and emerging programming methods, technologies, and industry trends on the security posture of BBVA Compass' enterprise applications and development methodology.
  • We must also contribute to the development and maintenance of the information security strategy, policies and procedures


Additional responsibilities of the Security Analyst include:


  • An administration and operational role with the security stack including
    • Adding/Modifying user access to systems
    • Adding/Modifying user authorization rules within the security stack
    • Developing and integrating applications into the security stack
    • Becoming a subject matter expert in the security stack
    • Developing documentation and streamlined processes for Lines of Business to request changes to the security stack
  • 24/7 tier 2 support availability for configuration issues in the security stack
  • Maintaining a relationship with global teams for support of the security stack
  • Defining and maintaining a support model for the security stack and its integrations
  • Development of cloud based security tools/controls


What you will bring.


  • Working knowledge of or willingness to learn common web application security vulnerabilities (OWASP Top Ten, etc.) and programming patterns that lead to them, as well as remediation techniques
  • Experience with REST APIs a plus
  • Experience with software security testing (static and dynamic analysis) a plus
  • Experience with enterprise applications (architecture, development, and support) preferred
  • Working knowledge of authentication and identity management technologies preferred
  • Working knowledge of cryptography and proper application to real-world situations a plus
  • Ability to think through how cyber-attacks may be carried out and how they can be disrupted
  • Ability to work in both agile and waterfall projects and understand the implications of when and how to be engaged in each
  • Ability to understand fundamental differences between cloud technology, specifically IaaS, and on premise solutions
  • Must be a relationship builder and capable of functioning with limited oversight
  • Must manage ambiguity and be able to define clear goals and plans from it
  • Must be able to consider business perspectives in projects and find solutions rather than focus on a black and white solution of yes or no



Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Connect With Us!

Not ready to apply? Connect with us for general consideration.