Credit One Job Posting Banner

Security & Compliance - Security & Compliance Analyst II

6801 S Cimarron Rd, Las Vegas, NV 89113, USA Req #1475
Tuesday, May 24, 2022

Position Summary:

The Information Security Risk Analyst is responsible for assessing and documenting the (IT/Dev) department’s governance, compliance, and risk posture as they relate to information assets. This position requires skilled administrative, (technology/development) expertise for the development and implementation of the information security risk management and compliance program. Responsibilities require leadership and project management experience, as well as the ability to ensure effective system-wide analysis, standards, testing, risk assessment, awareness, education, and development of policies, standards, and guidelines.

Summary of Essential Job Functions:

  • Operate with a high degree of independence with regard to project management activities, including development of project plans and budget/resource estimates
  • Perform other duties as assigned to ensure the smooth functioning of the department and maintain the reputation of the organization as a viable business partner
  • Lead the development and implementation of the (Information Technology/Software Development) risk management function of the technology risk program to ensure information security risks are identified, managed, and monitored
  • Internally assess, evaluate, and make recommendations to management regarding the adequacy of the (administrative and technical) risk controls for the Bank’s information and technology systems
  • Contribute to the system-wide information security governance and compliance program, ensuring Information Technology, Development & Information Security activities, processes, and procedures meet defined requirements, policies, and regulations
  • Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with regulatory expectations and relevant legislation
  • Execute strategy for dealing with increasing number of audits, compliance checks, and external assessment processes for internal/external auditors
  • Familiarity with Information Technology, Development, Information Security, and Industry compliance frameworks such as FFIEC, PCI DSS, NIST CSF, Center for Internet Security, Agile, etc.
  • Communicate with all levels of staff including; Information Technology, Development, and Information Security management and staff, developers, and other technical staff, general counsel, auditors, and technology vendors and contractors, in matters related to information security governance, policy, risk, compliance, and security awareness
  • Work with Internal Audit, State and Federal regulators as appropriate on required technology & security assessments, audits, and examinations
  • Coordinate and track all information technology and information security related audits and examinations including scope of audits, timelines, auditing agencies and outcomes
  • Work with auditors and regulators as appropriate to keep audit focus in scope, maintain excellent relationships with audit and regulatory entities and provide a consistent perspective on the bank’s governance, risk, and compliance efforts
  • Provide guidance, evaluation, and advocacy on audit responses
  • Must be able to assess computer hardware, software, and systems for security risks (or violations) and work with Information Technology, Information Security, consultants, and bank vendors to recommend solutions
  • Develop strategies to address awareness and training for all stakeholders as well as technical solutions. Must be able to assess the status of complex multi-location projects as well as identify and implement appropriate corrective measures to resolve issues as they arise. Must have a strong customer service orientation and the ability to project that attitude to customers in remote locations
  • Collaborate with bank Business Continuity department on Technology & Information Security business continuity planning, disaster recovery planning, and testing

Position Requirements:

  • A self-starter, able to work under general supervision. Comfortable working with inter-related infrastructure, software development, and information security risk issues
  • 1-3 years of Information Technology and/or Development experience including information security technology skills and expertise or 1-3 years of direct information security experience
  • Knowledge of information technology and/or software development risk management frameworks and compliance practices
  • Knowledge of information technology, software development, and information security controls
  • Ability to develop security policies, standards and guidelines based on best practices and industry frameworks
  • 1-3 years' experience in participating in information technology, software development, or information security projects
  • Excellent interpersonal, communication, and presentation skills, including formal report writing experience
  • Understanding of common security standards and regulations relating to a financial services environment such as, FFIEC, PCI DSS, NIST CSF, Center for Internet Security (CIS), MITRE ATT@CK., ISO 27000, Agile, etc.
  • 1-3 years' experience in participating in information technology, software development, or information security audits and examinations
  • Well versed with financial service industry legal and regulatory requirements


  • Bachelor’s degree in computer science, information technology, software development, or another related field
  • Familiarity with security auditing and the financial regulatory examination process (Federal Reserve Bank, Federal Deposit Insurance Corporation, Office of the Comptroller of the Currency, FFIEC, etc.)
  • Information security governance, risk, and/or compliance experience in financial services or federal/state/local government including documenting risk and compliance activities
  • Experience participating in information technology, software development, or information security audits and/or risk assessments
  • Experience producing key metrics, information visualization, and reports
Credit One Bank, N.A. is a data-driven financial services company based in Las Vegas. Founded in 1984, Credit One Bank offers a spectrum of credit card products for people in all stages of financial life. One of the fastest-growing credit card providers in the United States, Credit One Bank offers credit cards through the Visa®, Mastercard® and American Express® networks. Credit One Bank is the Official Credit Card of NASCAR®, the Las Vegas Raiders, the Vegas Golden Knights, and Best Friends Animal Society, and is a proud partner of WWE and Six Flags®. Learn more at and on social media (@CreditOneBank) on Facebook, Instagram, Twitter, YouTube, and LinkedIn.   We are looking for highly qualified professionals at our state-of-the-art, corporate headquarters in Las Vegas, NV. In addition to providing our card members with superior value and service, we are dedicated to providing engaging and challenging career opportunities for our employees. As a member of the Credit One Bank team, we’ll help you be your best and support you so you can reach your full potential.   Credit One Bank, N.A. is an equal opportunity at will employer and does not discriminate against any employee or applicant for employment because of age, race, religion, color, disability, sex, sexual orientation or national origin. Credit One Bank does not accept unsolicited resumes from agencies and is not responsible for related fees.

Other details

  • Job Family P2 - Experienced Professional
  • Pay Type Salary
Location on Google Maps
  • 6801 S Cimarron Rd, Las Vegas, NV 89113, USA