Willis Towers Watson Retirement Systems Information Security Analyst in Arlington, Virginia
Retirement Systems Information Security Analyst
Date Posted: August 14, 2018
Not ready to Apply?
The Retirement Systems Group has a significant footprint within the WTW framework regarding the number of applications used internally and externally. Clients require compliance with certain information security standards and as well as other standards such as SOC2. As a result, we must ensure security guidelines and requirements are adhered to. The Information Security Analyst will act as the department’s spokesperson and must understand each application function and purpose, how they are accessed, how data is stored and used, etc.
This role sits within the Development and Framework group and plays a key part in managing the security questionnaires, managing disaster recovery testing, managing SOC2 audits and owning the internal controls for penetration testing for each of the client facing applications within the Retirement Systems Groups North America applications. You will work closely across all product team developers and managers to help coordinate best practices for disaster recovery as well as encryption and access.
WHILE THE PREFERENCE IS FOR THIS ROLE TO BE BASED IN WASHINGTON OR PHILADELPHIA, WE WILL CONSIDER QUALIFIED CANDIDATES FROM ANY OF OUR U.S. BASED OFFICES. HOWEVER, THIS COLLEAGUE MUST BE ABLE TO WORK DURING EASTERN TIME ZONE HOURS.
Work directly with client management and security teams as well as third parties and auditors is required.
Consult with all levels of internal and external clients.
Answer client questions on security for multiple applications. Work with development teams when standard responses are not present.
Engage/Coach managers outside of the department. E.g., Enhance WTW Account Directors’ knowledge about security of our applications so they can present these standards to clients
Write standardized documents on application security reflecting our security standards.
Work with WTW Information Security Client Support team to timely respond to client requests
Play an active role in managing the various disaster recovery exercise projects annually
Assist in the management of the annual SOC 2 audit as well as on-demand company requested audits
Initiate and manage penetration testing on client-facing applications
3+ years of experience working IT Security.
Additionally, some consulting experience with direct client engagements, preferably reviewing documentation and evangelizing with clients on technical and security aspects of applications. Ability to build relations with internal and external clients for long term collaboration
Experience working at one of the big accounting firm, or as part of corporate with internal audits is plus
Experience in supporting, responding to or conducting IT audits – internal and external
Security assessments of network infrastructure, hosts and applications – another element of risk management
Ability to understand and communicate all aspect of Software Development methodology. Excellent report writing and communication
Collaborate with different type of stakeholders ranging from – developers, product managers, project managers, marketing and sales teams, legal department and Account Directors
Ability to analyze large technical documents, and provide feedback on them. Ability to strategically write responses to cover our liability during contract negotiation
Understanding TCP/IP, computer networking, routing and switching – an understanding of the fundamentals: the language, protocol and functioning of the internet is a plus
The ability to work well independently
Bachelors Degree in Computer Science or related technical program
Information Systems certifications is a plus (e.g., CISSP, CISM, CISA)
Willis Towers Watson is a leading global advisory, broking and solutions company that helps clients around the world turn risk into a path for growth. With roots dating to 1828, Willis Towers Watson has 40,000 employees serving more than 140 countries. We design and deliver solutions that manage risk, optimize benefits, cultivate talent, and expand the power of capital to protect and strengthen institutions and individuals. Our unique perspective allows us to see the critical intersections between talent, assets and ideas – the dynamic formula that drives business performance. Together, we unlock potential. Learn more at willistowerswatson.com.
Willis Towers Watson is an equal opportunity employer
Willis Towers Watson is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to, among other things, race, color, religion, sex, sexual orientation, gender identity, national origin, age, status as a protected veteran, or disability.
Equal Employment Opportunity: Know your rights. at http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf
Unsolicited Contact: Any unsolicited resumes/candidate profiles submitted through our web site or to personal e-mail accounts of employees of Willis Towers Watson are considered property of Willis Towers Watson and are not subject to payment of agency fees. In order to be an authorized Recruitment Agency/Search Firm for Willis Towers Watson, any such agency must have an existing formal written agreement signed by an authorized Willis Towers Watson recruiter and an active working relationship with the organization. Resumes must be submitted according to our candidate submission process, which includes being actively engaged on the particular search. Likewise, for our authorized Recruitment Agencies/Search Firms, if the candidate submission process is not followed, no agency fees will be paid by Willis Towers Watson. Willis Towers Watson is an equal opportunity employer.
Not ready to Apply? at https://willistowerswatson.avature.net/WTWTalentNetwork
Share on Facebook
Share on Twitter
Share on Google+ Share on Pinterest
Share on Linkedin
Share by Mail
Location:Arlington, VA, USPhiladelphia, PA
Date Posted:August 14, 2018