Banc of California

Apply for this job

Junior IT Security Compliance Analyst (TEMP up to 12mos) (Education)



Junior IT Security Compliance Analyst (TEMP up to 12mos)

Banc of California, Inc. (NYSE: BANC) is a bank holding company with approximately $9.4 billion in assets and one wholly-owned banking subsidiary, Banc of California, N.A. (the “Bank”). With our 600+ dedicated professionals, we provide customized and innovative banking and lending solutions to businesses, entrepreneurs and individuals throughout California. We proudly partner with community organizations that provide financial literacy, job training, small business support, and affordable housing to help improve the communities where we live and work. With a commitment to service and building enduring relationships, we provide a higher standard of banking.

JOB SUMMARY:
We are seeking a Junior IT Security Compliance Analyst with expertise in creating comprehensive CIS benchmark (Center for Internet Security) document packages, as well as developing risk acceptance and exceptions rationales. The role will involve supporting the organization in maintaining a robust security posture by documenting and communicating security policies, risk assessments, and exceptions.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

  1. CIS Document Packages: Create and maintain document packages based on CIS benchmarks, including security policies, standards, guidelines, and procedures. Ensure that these documents align with industry best practices and regulatory requirements.
  2. Reconciliation of CIS Settings: Perform detailed analysis and comparison of CIS benchmark settings against automated scan results to identify any discrepancies or vulnerabilities. 
  3. Risk Acceptance and Exceptions: Collaborate with stakeholders to identify and assess security risks and exceptions. Develop and document risk acceptance justifications and exception rationales, ensuring clear communication and understanding of associated risks.
  4. Compliance Documentation: Assist in the creation and maintenance of compliance-related documents, including security control mappings, audit reports, and evidence collection procedures. Ensure alignment with regulatory requirements and industry frameworks.
  5. Documentation Review: Review existing security documentation to identify gaps, inconsistencies, or outdated information. Collaborate with relevant teams to update and enhance documentation as needed.
  6. Documentation Standards: Develop and adhere to documentation standards, templates, and guidelines to ensure consistency, accuracy, and readability across all security-related documents.
  7. Industry Best Practices: Stay updated with the latest security trends, frameworks, and standards to enhance the effectiveness and relevance of security documentation.
  8. Treats people with respect; keeps commitments; inspires the trust of others; works ethically and with integrity; upholds organizational values; accepts responsibility for own actions.
  9. Demonstrates knowledge of and adherence to EEO policy; shows respect and sensitivity for cultural differences; educates others on the value of diversity; promotes working environment free of harassment of any type; builds a diverse workforce and supports affirmative action.
  10. Follows policies and procedures; completes tasks correctly and on time; supports the company's goals and values.
  11. Performs the position safely, without endangering the health or safety to themselves or others and will be expected to report potentially unsafe conditions. The employee shall comply with occupational safety and health standards and all rules, regulations and orders issued pursuant to the OSHA Act of 1970, which are applicable to one's own actions and conduct.
  12. Performs other duties and projects as assigned.

Banc of California is an equal opportunity employer committed to creating a diverse workforce. All qualified applicants will receive consideration for employment without regard to age (40 and over), ancestry, color, religious creed (including religious dress and grooming practices), denial of Family and Medical Care Leave, disability (mental and physical) including HIV and AIDS, marital status, medical condition (cancer and genetic characteristics), genetic information, military and veteran status, national origin (including language use restrictions), race, sex (which includes pregnancy, childbirth, breastfeeding and medical conditions related to pregnancy, childbirth or breastfeeding), gender, gender identity, gender expression, and sexual orientation. If you require reasonable accommodation as part of the application process please contact Talent Acquisition Partner.

ESSENTIAL KNOWLEDGE, SKILLS, AND ABILITIES:
  • Strong understanding of CIS benchmarks and the ability to apply them to various technology platforms and documenting security controls and practices.
  • Experience with automated scanning tools, such as Tenable Security Center (Nessus) and Rapid7, and Microsoft configuration tools, such as Windows Group Policies and Microsoft Intune.
  • Proficiency in using the Windows Office Suite, particularly Excel, for data analysis and reporting.
  • Excellent written and verbal communication skills with the ability to convey complex information clearly and concisely.
  • Attention to detail and proficiency in creating well-structured, organized, and professional documents.
  • Familiarity with risk assessment methodologies and the ability to develop risk acceptance and exception rationales.
  • Experience in reviewing and enhancing security-related documents for accuracy, completeness, and adherence to standards.
  • Strong collaboration and interpersonal skills to work effectively with cross-functional teams and stakeholders.
  • Familiarity with document management systems and tools for efficient organization and version control.  
  • Demonstrates knowledge of, adherence to, monitoring and responsibility for compliance with state and federal regulations and laws as they pertain to this position including but not limited to the following: Regulation Z (Truth in Lending Act), Regulation B (Equal Credit Opportunity Act), Fair Housing Act (FHA), Home Mortgage Disclosure Act (HMDA), Real Estate Settlement Procedures Act (RESPA), Fair Credit Reporting Act (FCRA), Bank Secrecy Act (BSA) in conjunction with the USA PATRIOT Act, Anti-Money Laundering (AML) and Customer Information Program (CIP), Right to Financial Privacy Act (RFPA, state and federal) and Community Reinvestment Act (CRA)

EDUCATION, EXPERIENCE AND/OR LICENSES:
  • Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
  • Certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified in Risk and Information Systems Control (CRISC) are beneficial but not mandatory.

SALARY RANGE: $46,673.24 - 76,159.02; Exact compensation may vary based on skills, experience, and location. 

Apply