As one of the original innovators in lending, credit, fraud, and spend analytics, Verisk Financial integrates one of the industry’s largest sets of data to help banks, financial regulators, retailers, and media companies grow their businesses. We combine data with predictive analytics to uncover new consumer and business insights and integrate this data with the most technologically advanced platforms.  

Verisk Financial | Argus is a leading provider of intelligence, decision support solutions, and advisory services to financial institutions across the global commerce ecosystem. Our clients include more than 50 top U.S., Canadian, and other international financial organizations, regulators, payment providers, merchants, and media. Argus is the leading source of segment-level portfolio management benchmarking data, analytics, models, and advisory services. We maximize value delivery to clients by combining proprietary data sets, cutting-edge software and analytic tools, domain expertise, and our unique results-oriented approach. Customers worldwide use our services for tailored data management solutions that include business intelligence platforms, profile views, mobile data solutions, enterprise database services, and fraud risk scoring algorithms for marketing, fraud, and risk mitigation. Our clients gain competitive advantage from our exclusive focus on leveraging global best-in-class analytics and methodologies to help achieve their business and regulatory objectives. To learn more about Argus please visit us at: www.argusinformation.com. We are proud to be a part of the Verisk family of companies! 

At the heart of what we do is help clients manage risk. Verisk (Nasdaq: VRSK) provides data and insights to our customers in insurance, energy and the financial services markets so they can make faster and more informed decisions.    

Our global team uses AI, machine learning, automation, and other emerging technologies to collect and analyze billions of records. We provide advanced decision-support to prevent credit, lending, and cyber risks. In addition, we monitor and advise companies on complex global matters such as climate change, catastrophes, and geopolitical issues.  

But why we do our work is what sets us apart. It stems from a commitment to making the world better, safer and stronger.   

It’s the reason Verisk is part of the UN Global Compact sustainability initiative. It’s why we made a commitment to balancing 100 percent of our carbon emissions. It’s the aim of our “returnship” program for experienced professionals rejoining the workforce after time away. And, it’s what drives our annual Innovation Day, where we identify our next first-to-market innovations to solve our customers’ problems.   

At its core, Verisk uses data to minimize risk and maximize value. But far bigger, is why we do what we do.  

At Verisk you can build an exciting career with meaningful work; create positive and lasting impact on business; and find the support, coaching, and training you need to advance your career. We have received the Great Place to Work® Certification for the fifth consecutive year. We’ve been recognized by Forbes as a World’s Best Employer and a Best Employer for Women, testaments to our culture of engagement and the value we place on an inclusive and diverse workforce.  Verisk’s Statement on Racial Equity and Diversity supports our commitment to these values and affecting positive and lasting change in the communities where we live and work.  

We are looking for a Lead Information Security Analyst to be based in our White Plains, NY location capable of supporting the increasingly complex aspects of data management and security at Verisk Financial.  This role will engage the successful candidate to all facets of the function, including cyber-security operations work (tool oversight/review, incident handling and escalations, investigations); compliance initiatives (Information Security awareness campaigns, risk and control assessments, working on client, audit and regulatory reviews, policies, risk register management) and general guidance, assistance and oversight engagement with business staff in their client and project related issues that touch upon information security areas, policies, etc.

Although White Plains, NY is the preferred location for this position, other Verisk U.S. office locations will be consider.

Responsibilities include:

• Design, build, maintain, monitor and enhance security processes that enforce company policy requirements throughout the organization to reduce risk, respond to incidents and limit exposure and liability in all areas of information-related, financial, personal and reputational harm.
• Periodic review and assessment of the Operational Monitoring of Information Security Systems, logs, etc. using an array of data-security products and techniques to ensure compliance with policies, industry standards, client contractual obligations and regulatory compliance requirements and assist in creation of remediation plans when risks or gaps are identified.
• Assist in the investigation and reporting of any risks related to compliance or cyber security including the assessment and evaluation of emerging risks to determine risk severity level and impact.
• Continually liaise with Verisk Information Security to help align strategy, policies and technologies.
• Assist with Information Security assessments and audits requested by regulatory agencies or clients and in the design and/or implementation of remediation plans for Information Security and IT for gaps or risks identified.
• Provide additional response to questions sourcing from internal client requests for information concerning information security posture of Verisk Financial.
• Reporting to department and company leadership concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance with policy.
• Collaborating on critical cross-department/company projects to ensure that security issues are addressed throughout the project lifecycle.
• Planning, developing and delivering security awareness training and education programs to educate staff on how to safeguard information against accidental or unauthorized modification, destruction or disclosure of critical information.
• Assist ISO with leading members of the ISO team on projects and initiatives and help the ISO to mentor team members to improve their skills and provide guidance and support, especially when the ISO is unavailable.

Skills/Experience/Certifications/Leadership:

• Certified Information Systems Security Professional (CISSP) certification required
• Bachelor’s degree in computer science, information technology, or related field preferred
• Minimum of four years of Information Security experience, preferably in a banking or healthcare institution, or vendor supporting such institution
• Prior experience as a team leader/manager preferred.  Experience managing projects a plus.
• Must have a proven track record of excellent research and analytical skills and outstanding interpersonal and communication skills

InfoSec and Technical Skills/Experience:

• Prior experience in and good knowledge of information risks, concepts, principles and industry standards, such as: NIST, PCI, PHI, PII, ISO 27001, HIPAA/HITECH and OWASP.
• Experience working closely with standard Information Security tools, e.g. SIEMs, Anti-Virus/Malware, Monitoring Tools (OS, Database), Network Access Control (NAC), etc.  Experience designing programs around use of these tools a plus.
• Experience performing risk assessments using frameworks such as industry standard control sets, methodologies etc.
• Experience developing, documenting, and maintaining security processes, procedures and transforming policy requirements and industry standards into actual practice.
• Strong knowledge of network and systems infrastructure, including routers, switches, firewalls, VPNs, terminal servers, device ACL configuration, etc.
• Experience with oversight or implementation of cloud and cloud security, AWS a plus.

 #LI-SH1 

Verisk Analytics is an equal opportunity employer.

All members of the Verisk Analytics family of companies are equal opportunity employers. We consider all qualified applicants for employment without regard to race, religion, color, national origin, citizenship, sex, gender identity and/or expression, sexual orientation, veteran's status, age or disability.

http://www.verisk.com/careers.html

Unsolicited resumes sent to Verisk, including unsolicited resumes sent to a Verisk business mailing address, fax machine or email address, or directly to Verisk employees, will be considered Verisk property. Verisk will NOT pay a fee for any placement resulting from the receipt of an unsolicited resume. 

Consumer Privacy Notice

At Verisk, the health and safety of our people is our number one priority.  Effective November 15, 2021, and subject to applicable law, all prospective hires for office based roles or roles that support any of our businesses’ government contracts will be required to demonstrate that they are fully vaccinated against COVID-19 by their start date, or qualify for a legally-required medical or religious accommodation to this vaccination requirement, as a condition of employment. Hired candidates who do not demonstrate that they are fully vaccinated against COVID-19 by their start date, and who have not been approved for a legally-required medical or religious accommodation will no longer meet the requirements for employment and their offers of employment will be immediately rescinded, in accordance with applicable law.