Cybersecurity Risk Analyst- 201361
Pleasanton, CA /
Technology & Operations – Information Security and IRM /
Ellie Mae is the leading cloud-based platform provider for the mortgage finance industry. Ellie Mae’s technology solutions enable lenders to originate more loans, reduce origination costs, and reduce the time to close, all while ensuring the highest levels of compliance, quality and efficiency. Visit EllieMae.com to learn more.
Ellie Mae’s Cybersecurity Risk team is seeking a Cybersecurity Risk Analyst who possesses good risk analysis, collaboration, communications skills and the ability apply knowledge of information systems risk assessment and auditing. This role will be responsible for developing cybersecurity risk models, conducting technology risk assessments, and performing and automating control monitoring.
- Performs and automates monitoring of technology controls; creates and maintains documentation of test scripts, test results, issues/control gaps, corrective actions, and status.
- Conducts risk assessments using industry standard frameworks.
- Builds and maintains database of risk assessment questionnaires, responses, and mappings to industry standard frameworks and regulatory requirements.
- Supports Cybersecurity Risk reporting activities, including KRI and KPI metrics.
- Supports collaborative working relationships with members of other functional teams within Ellie Mae.
- Delivery focused, willingness to perform and manage all tasks required to complete the job and meet deadlines, including administrative and documentation-oriented tasks.
- Ability to work in a fast-paced environment and handle ambiguity, while meeting objectives and deadlines.
- Attention to detail and thoroughness, with a focus on the completeness, accuracy, integrity, security, and confidentiality of the information handled and activities performed.
- Ability to implement appropriate data analytics activities to support the Cybersecurity Risk monitoring program goals
- Capable of working with minimal supervision in teams and committing to deadlines.
- Knowledge and experience auditing technology controls, including logical access, change management, security, data protection, incident/problem management, project management, software development lifecycle, technology operations.
- Knowledge and experience using industry standards and frameworks
- Knowledge of industry Cybersecurity Risk tools
- Knowledge of agile and secure software development lifecycle processes and collaboration tools (e.g., JIRA, Confluence)
- Knowledge of ServiceNow, Workday and Salesforce.com is a plus
- Knowledge and experience using Unified Control Frameworks (NIST Cybersecurity Framework, PCI, Cloud Security Alliance)
- Proficient in Office Applications (MS Word, MS Excel, MS Access, MS Project, SharePoint)
- BA/BS degree in MIS, Computer Science (or equivalent)
- Technology Risk and/or Internal Audit experience
Ellie Mae is an equal opportunity and affirmative action employer. Women, minorities, people with disabilities, and veterans are encouraged to apply.
We do not accept resumes from headhunters, placement agencies, or other suppliers that have not signed a formal agreement with us.