Job Description
About the Organization
The Momentus Capital branded family of organizations - which includes Capital Impact Partners, CDC Small Business Finance, and Ventures Lending Technologies - is transforming how capital and investments flow into communities to provide people access to the capital and opportunities they deserve. We are working to reinvent traditional financial systems that have failed to address systemic issues of inequality, economic empowerment, and the widening racial wealth gap by offering a continuum of financial, knowledge, and social capital to help local leaders build inclusive and equitable communities and create generational wealth. This includes a comprehensive package of loan products, impact investment opportunities, training and business advising programs, and technology services that advance locally-led solutions. Our suite of products and services, experience, and scope will foster equitable job creation, wealth building, and economic mobility.
Position Summary
The Security Analyst position plans, implements, upgrades, and monitors security measures for the protection of our enterprise computer networks, computers, systems & information. This position spans cyber, technology, and data with a priority on protecting information from threats and enhancing our organizational security awareness. This position is a security expert for ongoing operations and future project delivery, ensuring ongoing security posture strengthening across an evolving regulatory environment. This Security Analyst position reports directly to the Senior IT & Cyber Program Manager.
Essential Responsibilities
- Provide security expertise to related projects and drive security related workstream of business and technology projects
- Provides analysis of monitored information systems & networks, manages security incidents, and administers security solutions
- Evaluates and improves processes for mitigating, investigating, documenting, and reporting unauthorized access or disclosure of personal information
- Conducts risk assessments and develops mitigation and remediation plans
- Identifies, designs & implements end user solutions for authorized access to digital assets balancing information protection, usability & costs
- Identifies related training programs and awareness campaigns for employees, contractors, and appropriate third parties.
- Recommends updates to security, systems, and data policies, standards and procedures, and corrective actions
- Inventory management of end-to-end security solutions
- Maintains current knowledge of applicable data protection, security related regulations, and accreditation standards
- Ongoing identification of any security solution gap for future state readiness
- Translate technology & legal requirements, identifying best-fit solutions
- Supports performance, integration & systems testing from a security perspective
- Work in multi-disciplinary teams (technical, functional, business, legal) locally & remotely
- Proactively research emerging security technologies to increase protection and optimize security solutions
- Recommend security solutions and sourcing approach to address security needs
- Contributes to enterprise and technology risk management
- Contributes to security strategy, planning, execution & measurement
Professional Skills, Education and Experience
- Bachelor’s degree in computer science, information systems, business administration or related field. Practical certification(s) such as CompTIA, Microsoft, CISSP, CISM, CISA, GSEC, CEH are desired. Education level will be considered on a holistic basis considering both education and work experience.
- Minimum 10 years of experience in the technology and security industry, including financial services industry expertise
- Experience with NICE Framework
- Cyber, technology & data security experience with evidence of practical application.
- Excellent analytical, strategic conceptual thinking, strategic planning and execution skills.
- Deep understanding of current and emerging security technologies and how other enterprises are employing them to drive digital business, and how they may be applied to the enterprise to protect digital assets.
- Exceptional problem solving skills with the ability to communicate with technical and non-technical talent.
- Adaptability and a willingness to learn new skills
- Demonstrated ability to implement security solutions and drive stronger culture of security awareness
- Established network of security related services & product providers