Provides support to business and IT teams, including assistance in security consulting for corporate initiatives and information security projects.  Assists in performing security and risk assessments of Western & Southern Financial Group (W&SFG) systems, third-party vendors, and user access to identify areas of noncompliance with established information security standards and regulations.  Supports members of the Security Risk Management (SRM), Identity and Access Management (IAM), and IT Risk Management (ITRM) in daily operations and helps recommend risk mitigations and countermeasures.  Escalates when needed and updates senior team members and Manager on a regular basis.

• Assists SRM team in performing third-party vendor due diligence security reviews to ensure compliance with information security policy, security procedure, and regulatory requirements.  Helps identify and report deficiencies or risks to the appropriate stakeholders.  Participates in the effort to address identified IT risks with corrective action plans.  Conducts ongoing monitoring of the third-party security posture and performance.
• Contributes to SRM’s development of the organization's information security awareness program.
• Works with IAM team members to perform access management and identity lifecycle processes for internal (associate) and external (customer, producer and bank channel) identities.
• Supports IAM team members in the administration of access rights reviews.  Follows up with reviewers to answer questions or provide additional insight.
• Assists ITRM with cyber risk assessments, including the identification of controls and execution of controls evaluation and testing.
• Supports ITRM’s annual review and maintenance of cybersecurity policies, standards and procedures.
• Assists ITRM with risk finding and audit issue monitoring.
• Collaborates with other Information Security and Cybersecurity teams to understand industry best practices and provide assistance to project teams.  Ensures project teams meet business needs and deliver solutions that help avoid risks to the corporate network and information assets.
• Performs other duties as assigned by management.

• Basic knowledge in the areas of information security governance and identity and access management concepts.
• Basic understanding of information security best practices.
• Proven inherent passion for information security and service excellence.
• Basic ability to identify project risks and gaps, developing creative and workable solutions to complex problems and policy issues.
• Proven strong team player – collaborates well with others to solve problems and actively incorporate input from various sources
• Demonstrated strong analytical and problem-solving skills with the ability to grasp new concepts and apply them; effectively evaluates information/data to make decisions; anticipates obstacles and develops plans to resolve. 
• Proven excellent verbal and written communication skills with ability to convey information to internal and external customers in a clear, focused and concise manner.
• Demonstrated calm and professional demeanor when handling demanding situations.
• Demonstrated self-starter with strong internal motivation.
• Proven ability to work under multiple deadlines and with minimal supervision.
• Demonstrated experience in completing assigned tasks accurately and on a timely basis. 

Educational Requirements:

Working towards bachelor’s degree in computer science, computer engineering, IT or a related technical field, or commensurate selection criteria experience.