Address
Form of workFidelity National Financial, Inc. (NYSE:FNF) is a leading provider of title insurance and transaction services to the real estate and mortgage industries. FNF is the nation's largest title insurance company through its title insurance underwriters - Fidelity National Title, Chicago Title, Commonwealth Land Title, Alamo Title and National Title of New York - that collectively issue more title insurance policies than any other title company in the United States. More information about FNF can be found at fnf.com.
FNF is seeking a Lead Cyber Security Analyst focused on Governance Risk and Compliance – to join its Information Security Office (ISO) in their Jacksonville, FL office. This position will be reporting to the Information Security Manager, Vulnerability Management.
• Conduct and create network and system vulnerability assessments, documentation and consultation of corrective/remediation actions.
• Provide system administrators, system owners, and IT support staff with effective vulnerability mitigation strategies, meaningful vulnerability metrics, security controls and or corrective actions for mitigating technical and business risk
• Develop and report enterprise-level metrics for vulnerabilities and remediation progress.
• Understand, demonstrate, and educate stakeholders on the real-world impact of threats and vulnerability exploitation in a given environment.
• Drive the end-to-end vulnerability lifecycle Governance from discovery to closure.
• Provide governance and oversight of internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of customer’s information assets.
• Identify and prioritize all vulnerabilities in client environments and provide timely vulnerability assessment reports to key stakeholders.
• Manage control testing functions to validate and measure internal controls against key enterprise risks.
• Create meaningful KRI and KPI as directed by management.
• Support, update and create Governance Risk and Compliance policies and procedures to match modern attack vectors.
• Able to analyze PEN test reports and prioritize threats for remediation.
• Build Automated reports and dashboards using GRC IT Systems to drive actions and prioritize risks.
• Oversee and challenge various business units on their findings to drive down pertinent risks in the organization.
• Must be self-supervising and able to take the lead on critical processes when needed.
• Guide and Mentor junior staff when required.
• BS/MS in Computer Science or Business with emphasis in IT or equivalent.
• Relevant Cyber Security certifications, such as CISSP, CRISK, CISM, SEC+ are optional, but highly desired.
REQUIREMENTS:
• Minimum of 5+ years of experience and a associate degree or equivalent combination of education (or technical certification) and direct work experience.
• Minimum 6 years of experience working in Governance IT Systems.
• Working knowledge of scanning tools, ASM, NDR and Network Security
• Background in security threat analysis – ability to determine risk level of identified threats and necessary urgency in remediation.
• Possess strong technical understanding of common network and system vulnerabilities.
• Possess a good understanding of Risk acceptance, transfer and Mitigation.
• Understanding of networking principles (OSI Model, routing, TCP/IP).
• Understanding of Windows and Linux operating systems, and basic administration.
• Problem-solving skills and ability to work under pressure in a rapid paced environment.
• Excellent written and verbal communication skills.
• Must posses critical thinking skills and be team centric.
• Experience working with cross-business and cross-functional teams in a geographically distributed environment.
• Willingness to accept direction, support leadership vision, and to serve as a point of contact directly supporting system owners, and executives on governance related issues or concerns.
• Working knowledge of vulnerabilities, exploitation, and threats to an organization.
Must have excellent verbal, written, and presentation communication skills, strong interpersonal skills and the ability to work effectively across project teams.
