This company is committed to hiring Veterans

Business Analyst (Information Security)

This job is no longer active. View similar jobs.

POST DATE 8/31/2016
END DATE 11/16/2016

Progressive Leasing Draper, UT

Draper, UT
AJE Ref #
Job Classification
Full Time
Job Type
Company Ref #
Mid-Career (2 - 15 years)
Bachelors Degree



Apply Now Draper, UT

Progressive is blazing a path at the intersection of Leasing and Technology and we have an exciting new opening for a Business Analyst (Information Security) in our Draper, Utah office.

This analyst will report to the Director of Information Security will be responsible for problem definition, user story development, and scrum master duties within the security team and cross-functionally across the enterprise. They will also be responsible for GRC efforts including but not limited to ensuring Progressive meets its compliance SOX, COSO, ISO and PCI requirements by supporting control environment definition and maintenance, as well as audit.

What You\'ll Do:

* Own the relationship and serve as the liaison between the functional and technical requirements as well as the execution of those requirements in the deliverables.

* Work with the technical and business teams to prepare the quality assurance testing plans and validation of the sprint goals

* Consult with leadership to improve control efficiencies and operating effectiveness

* Partner with key teams to obtain and review evidence of compliance to support technical SOX, PCI, ISO, COSO and other compliance or audit requirements

* Support the completion of the annual SOX, PCI DSS, ISO and COSO attestations

* Manage and communicate key compliance milestones for critical systems and complex processes

* Facilitate interaction between the business and internal and external financial statement auditors

* Implement established audit, compliance and risk criteria

* Demonstrate strong knowledge in IT controls, risk assessments, and the design and testing of security measures

* Be a thought leader in Information Security and align initiatives with business objectives of the company

* Conduct analysis and trending (reports, dashboards, status etc.) on internal or external progress or events affecting information security

* Work closely with cross-functional teams and develop strong liaison relationships

* Supports audit processes, as required

* Participate in special projects/research and prepare management reports

* Experience using the GRC tool preferred

* Ensures all IT policy and procedures are documented and updated according to regulatory standards, deadlines are met, approvals obtained, guidelines followed, repository usage understood, and repository / system of record up-to-date as defined by the IT Governance program

* Interfaces with internal and external requestors as an escalated point and reviews IT artifacts for completeness and satisfaction for the delivery of quality services regarding important issues / priorities, and deadline-sensitive information

* Engages with technical process owners to understand technical process steps, identify risk, and drive toward a completed documentation that aligns with the IT Governance and Risk Management programs

* Functions as the GRC repository system and SharePoint SME and trains/supports clients with repository system usage, including one-on-one training and drafting training guidelines when necessary

* Defines and delivers appropriate IT GRC metrics, analytics, and scorecards

* Maintains all versions and version control for all IT GRC program documentation and pipeline with a thorough understanding of the processes and communicates the status

* Coordinates various GRC repository system improvement projects and activities to enhance the system of record and maintain effective process controls

* Organizes and leads IT GRC-related meetings and prepares meeting agendas

* Develops and maintains risk register and designs self-assessments to help identify risks

* Serves as an escalation point to track and follow-up on risk events

Minimum Experience & Qualifications:

* Bachelor s degree or equivalent experience is required

* 5-8 years IT background; experience with risk, compliance and regulatory issues preferred

* 3+ years prior experience supporting a management internal IT control environment

* 5-8 years IT audit experience

* 3+ years experience in the fields of Business Analysis, Quality Assurance, or Software Development

* 2+ years experience working with business leaders, customers, and end users on a daily/weekly basis

* 2+ years experience in formal Project Management methodologies like, agile or scrum

* Relevant experience as a trusted technology advisor to senior business leaders and key decision maker

* Hands-on experience in, but not limited to one or more of the following business areas: eCommerce, Order Management, Payment Processing, Back Office Systems, and/or Business Process Re-Engineering or Development.

* GRC experience/background is strongly preferred

* Strong work ethic and high initiative

* Intermediate knowledge/audit experience of the following: Active Directory, UNIX, Windows, VMWare, SQL, and other enterprise technologies

* Intermediate knowledge of the following technical areas: network security, operating system security, database security, secure system development, identity and access management, physical access controls, backup and critical job execution/monitoring, and information security policy

* Experience with project management (planning, organizing, and managing resources to bring about the successful completion of specific project goals and objectives)

* Ability to identify problems, analyze data and present conclusions effectively

* Strong verbal, written and presentations skills

* Excellent PC skills (Excel, Word, Adobe, PowerPoint, SharePoint)

* Industry Certifications (CISSP/CISA/CISM/CRISC) preferred

* Ensures all IT policy and procedures are documented and updated according to regulatory standards, deadlines are met, approvals obtained, guidelines followed, repository usage understood, and repository / system of record up-to-date as defined by the IT Governance program

* Provides solutions and coordinates the execution of control mechanism/testing against technical procedures to ensure appropriate execution and that risk is mitigated to an appropriate level

* Analyzes business problems using software, analytical tools and techniques, business process and technical knowledge and general common sense to formulate solutions

Compensation, Perks & Benefits:

* Competitive Compensation with Monthly Bonus Potential

* Full Health Benefits - Medical/Dental/Vision

* 401k, Paid Time Off and Tuition Reimbursement

* Full Service Gym, Game and Lounge Area, Basketball Court

* Free Healthy Snacks and Refreshments

* Subsidized Public Transit

* Fun and Relaxed Work Environment


Founded in 1999, Progressive Leasing, a wholly-owned subsidiary of Aaron s Inc. [NYSE: AAN], is a steadily growing company, already surpassing $1B in revenue. Our scalable customer payment software products provides lease-purchase technology solutions through 16,000+ retail locations in 46 states.

Progressive Leasing does not discriminate in any aspect of employment on the basis of race, color, religion, national origin, ancestry, gender, sexual orientation, gender identity and/or expression, age, veteran status, disability, or any other characteristic protected by federal, state, or local employment discrimination laws where Progressive Leasing does business. All new hires must pass a pre-employment criminal background check and drug test Apply Now