Job Description Black Knight is the premier provider of integrated technology, services, data and analytics that lenders and servicers look to first to help successfully manage the entire loan life cycle. Our deep understanding of regulatory and compliance issues complements the knowledge, technology and solutions we offer to help our clients achieve their business goals. Black Knight offers leading software systems; data and analytics offerings; and information solutions that facilitate and automate many of the business processes across the mortgage life cycle.
JOB FAMILY DESCRIPTION
Administers an information systems program to validate security policies and regulatory requirements are met across the business, ensuring the company and its systems are protected from domestic or international security threats. Evaluates security controls to ensure effectiveness and compliance with the information security program and regulatory requirements; manages security control remediation efforts; and supports internal and external information security related audits. Uses information security tools and procedures to respond to inquiries. Recommends security solutions, advises on systems and application-level security configurations, and investigates/mitigates security risks as required.
Review and negotiate client contracts, Request for Proposals and Master Services Agreements for information security compliance and risk related issues. Interpret, monitor, and document corporate information security policies. Evaluate, assess and provide recommendations on security compliance and risk exposure in the areas of information security, audit compliance and operational applications.
GENERAL DUTIES & RESPONSIBILITIES
- Review and negotiate client contracts, Request for Proposals and Master Services Agreements for information security compliance and risk related issues.
- Monitor the legal and regulatory landscape to ensure risk and information security policies align with compliance requirements and operational effectiveness.
- Interpret, monitor, document and maintain corporate risk and information security policies, standards and guidelines.
- Keep abreast of emerging risks and technologies to ensure polices and standards address these risks.
- Develops and manages security for business units across the enterprise to prevent hackers from compromising company systems and information.
- Develops and implements security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures, and use of firewalls and encryption routines).
- Prepares status reports on security matters to develop security risk analysis scenarios and response procedures.
- Responsible for the tracking and monitoring of software viruses.
- Enforces security policies and procedures by administering and monitoring security profiles; reviews security violation reports; investigates possible security exceptions; and updates, maintains, and documents security controls.
- Maintains the company’s firewall and ensures utilization of encryption methods.
- Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness.
- Provides direct support to the business and IT staff for security-related issues.
- Educates IT and the business about security policies and consults on security issues regarding user built/managed systems.
- Represents the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues.
- Performs other related duties as assigned.
Bachelor’s Degree in Computer Science, Information Systems or the equivalent combination of education, training, or work experience.
GENERAL KNOWLEDGE, SKILLS & ABILITIES
- Knowledge of BKFS’ business environment and the ability to evaluate information security risk implications
- Knowledge of common information security management frameworks
- Experience working with a diverse range of data sources/streams and managing these effectively
- Excellent analytical, decision-making and problem-solving skills
- Ability to develop partnership-oriented relationships with business executives and functional leaders, especially as it relates to operations and technology
- Strong background in security operations, processes, solutions and technologies
- Strong understanding of policy, compliance, and best practice security principles
- Working knowledge of Linux, Windows, and Network Operating Systems
Knowledge of infrastructure, key processes, and technology-oriented risk issues, specifically around security and privacy
- Experience with enterprise risk assessment methodologies
- Must be able to multitask in a fast-paced environment with focus on timeliness, documentation, and communications with peers and business users alike.
- Proficiency in project management
- Ability to communicate well both verbally and in writing to technical and non-technical audiences of various levels within BKFS or outside the organization (executives, regulators, clients, etc.)
- Results oriented, business focused, and successful at interfacing across multiple organizational units
JOB FAMILY LEVEL
Expert professional role. Performs work that is highly complex and varied in nature. Develops integrated solutions to resolve highly complex technical and business issues. Recognized security expert internally and externally within multiple IT functional areas. Often provides strategic direction, guidance and integration of services. May lead multiple IT security projects or participate as a team member. Works on small to large, highly complex security issues or projects that require expertise in multiple IT functional areas. Requires expertise of security issues, techniques and implications across all existing computer platforms. May manage or serve as a project leader for IT security projects or the security components of multi-discipline projects. Must have extensive knowledge in networking, databases, systems and/or Web operations. May coach and guide more junior staff. Typically requires eight (8) or more years of combined IT and security work experience with an extensive exposure to systems analysis, applications development, and database design and administration and at least five (5) or more years of experience in a lower-level IT Security Analyst role. CISSP or equivalent professional certification is required (CISM, GSEC, etc.).
Black Knight Financial Services is an AA/Equal Opportunity Employer