BBVA Compass

  • IT- Security Analyst-Entity Management

    Job ID
    FLSA Status
  • Overview

    At BBVA, we are working to make banking better for everyone. That is where you come in. We are looking for smart, team oriented people who want to be part of a first-class workforce that gives people the tools they need to meet their financial goals, all while delivering an outstanding client experience. Learn more below.



    About the Role

    The candidate will join the entity management team to build and evolve Information Security, IT Risk and Fraud governance program across BBVA US subsidiaries. The candidate will work within the Information Security & Engineering Risk area reporting to the Director of Entity Management. The candidate should have extensive knowledge of information security and demonstrated working experience on risk maturity assessments along with strong communication and interpersonal skills to partner with stakeholders across multiple entities.


    What you will do: 

    Assessing Entities Risk Exposure 
    - Assess across entities inherent risk , evaluate level of maturity, as is status and work with                                 the entities to establish a roadmap to achieve desired levels of maturity. 
    Create and run a Governance program 
    - Define a governance model to follow-up entities performance. Create dashboards and KPIs                         to be provided by the companies in regular basis.   - Prepare periodic reporting to Leadership and organize and coordinate the committees and                         follow-ups that will be supporting the entity Management governance.  - Define and design key metrics and relevant info to be provided by the companies in a  regular basis  - Identify information sources and create data feeds and generate reports and dashboard at  entity level and BBVA US level. 
      Entities Demand Management  - The candidate will build partnership with the key stakeholders across entities managing  new initiatives coming from them that require :  - Risk evaluation in regard to Infosec, Fraud , IT Risk and Business continuity  - Evaluate operational impact in bank process to allocate a provide services to the  entity.  - Evaluate technological impact.  - Serve as a liaison between bank and subject matter experts to Provide strategic  consultancy.    Support and Monitor Entities Operations 
    - Provide daily support for Troubleshooting on Entities Operations relying on the bank                         Information Security and Engineering Risk processes.  - Build model to track how IS&ER services are being provided to entities.  
    Knowledge Management 
    - Develop a community of knowledge across entities in regard to IS&ER  - Leverage existing procedures, policies and standards and spread its usage across entities.  - Share Best practices and strategy  


    What you will bring: 

    • Up to 5 years experience in an Information Security position  
    • Up to 5 years of experience in Banking or financial services industry 
    • 4 or more years of experience participating in and supporting internal and external security , IT  and fraud risk maturity assessments and audits. 
    • 4+ years' experience working within and participating in the maturation of IT risk and control programs, technology risk registries, and supporting evidence for audits and regulatory reviews,  
    • Knowledge of information security and/auditing processes and experience facilitating Information
    • Security maturity assessments 
    • Strong working knowledge of relevant assessment frameworks and/or standards (e.g., ​FFIEC Cybersecurity Assessment Tool (CAT), ​ISO/27000 Series, NIST, ISO, COBIT, COSO, PCI, ...) 
    • Experience working with banking and financial services regulations 
    • Experience facilitating Information Security, Fraud and IT Risk maturity assessments, Execute          periodic reviews on the security provisioning related to security policies, standards and guidelines 
    • Extensive knowledge of security, risk, compliance, privacy and audit processes, methodologies,        policies and tools 
    • One or more of the following certifications: CISSP, CISM, CISA 
    • Coordinate the development and assurance of senior executive and board level reporting and    supporting materials 
    • Understanding of corporate security policies, procedures, and standards and periodically evaluate BBVA’s subsidiaries adherence to corporate security policies/standards/procedures 
    • Ability to produce briefings and reports for senior-level audiences 
    • Excellent organizational, documentation, presentation and communication skills 
    • Excellent interpersonal skills – ability to interact with all levels of staff 
    • Spanish proficiency a plus 
    • Willingness to travel within US


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.