Information Security - Application Assessment Analyst

Information Security - Application Assessment Analyst-W429785


The Application Assessment Analyst will coordinate with business and technical contacts to obtain evidence to demonstrate compliance with specific technical standards including internet and mobile applications security standards, baseline security standards and audit logging and monitoring standards. The Analyst will produce detailed assessment documentation to outline the results of completed assessments. The Analyst will also collaborate with Information Security Officers to document identified application weaknesses and mitigating controls. The Analyst is responsible for ensuring he/she has a complete understanding of applications and how their controls function.

Conducts moderately complex security related assessments, monitors, analyzes, documents, and follows up with the business to ensure IT security policies, procedures, and standards are being followed. May manage an on-going relationship with an assigned business unit. Works with both business and technical contacts to conduct assessments which may include a business risk impact analysis, application assessments, third party assessments or other activities to help ensure that applications and systems comply with SunTrust’s Information Security program (or have a documented exception in place) in support of applicable laws, regulations /guidance, and industry standards. May analyzes data risk factors and make recommendations concerning risk ratings and assessment activities, as well as mitigating controls and remediation plans. May present assessment results and recommendations to committee for acceptance. Works on project teams to determine relevant security assessment processes and controls. May participate in IT security development initiatives, and may develop business requirements for supporting system design updates. Applies an understanding of key business processes and practical experience to solve a range of straightforward problems. Analyzes possible solutions using experience, judgment and precedents. May perform data analysis to identify data issues. Works under moderate supervision.


Minimum Requirements: Bachelor’s degree and 2 years of experience in IT security, audit, risk management, or a related discipline or an equivalent combination of education and work experience. Knowledge in information systems and ability to apply that knowledge in practice. Ability to manage competing priorities. Ability to solve problems in straightforward situations by analyzing possible solutions using experience, judgment and precedents. Experience participating in IT projects. Ability to effectively communicate moderately complex information.

Preferred Requirements: Bachelor's degree and 3 years of experience conducting preparing, and presenting analysis, findings and recommendations related to information security. Certifications in CISSP or CISA. Proficient with Word and Excel. Banking or financial services experience. Basic understanding of laws, regulations, and industry requirements related to Information Security (i.e. GLBA, SOX, HIPAA, HITECH, FFIEC, and PCI).

Job: Risk and Security
Primary Location: GA-Atlanta Area
Work Locations: Marquis Two

285 Peachtree Center Ave

Atlanta 30303
Schedule: Full-time

Equal Opportunity Employer

SunTrust supports a diverse workforce and is a Drug Testing and Equal Opportunity Employer and does not discriminate against individuals on the basis of race, gender, color, religion, national origin, age, disability, veteran status or other classification protected by law.

EEO Poster

Expired, click here to search for relevant jobs

Around the Network