Sr. Information Security Analyst

Who We Are

Join a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For® list for nine consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com.

What We Do

Responsible for supporting the implementation and execution of the Information Security strategy, policies and standards at the business unit level. Provides ongoing integration, information, guidance, and support to assist active integration with business and technology stakeholders. Excellent organizational, communication, reporting and documentation skills are required.

What You'll Do:

• Engage with leaders from business and information security to address, identify and/or escalate security concerns and emerging risks.
• Develop monthly business unit information security reports with appropriate documentation.
• Provide support to the Information security leaders in providing strategic security guidance to business and technology stakeholders.
• Coordinate activities and efforts among different internal organizational groups, customers and vendors.
• Support identification of key risks to applications and understand business risk tolerance to identify solutions and provide guidance.
• Work with the business to support development of processes and procedures to ensure information security policies and standards are integrated.
• Support the business in development of action plans while reporting and tracking to closure all information security issues resulting from Security Assessments, Audit, Risk Assessment
• Other duties as assigned

WHAT YOU’LL BRING

• Bachelor’s Degree or equivalent experience preferably in Computer/ Information Systems/ Technology. 
• In-depth knowledge of IT and Information Security control standards and frameworks (COBIT, ISO27001, SSAE16/SOC1/SOC2, etc.)
• Knowledge of InfoSec regulations at the federal and state levels, such as NYDFS 500 series, GLBA, CCPA, etc.
• Working knowledge of Microsoft products (PowerPoint, Excel, Teams, Word) with in-depth knowledge of MS Excel
• Minimum 5 years relevant work experience in Information Security, IT Risk Management, IT Governance or IT Audit
• Practical knowledge with business reporting and GRC tools (ServiceNow, Tableau, PowerBI)
• Strong working knowledge of information security risks and controls
• Effectively communicate IT compliance expectations to all levels of the organization including operational personnel executive management
• Gain support and consensus with multiple stakeholders and partners (internal and external)
• Manage multiple initiatives simultaneously, with strong ability to prioritize
• Respond appropriately to potential audit findings including vetting and assessment of risk
• Customer focused in the context of balancing risk reduction with business needs
• High attention to detail to manage, analyze and finalize artifacts and documents
• Highly developed oral and written communication skills; strong presentation skills
• Highly flexible, adapting to changes in priorities and requirements
• Development and maintenance program-related documentation (e.g., standard operating procedures)
• Ability to quickly learn, communicate and apply technical concept
• Training courses, seminars, certifications, or other security related education such as CISSP, SSCP (Systems Security Certified Practitioner), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Management), CCNA, CCNP, MSCE preferred

*This role is remote eligible for candidates not local to Santa Ana, CA Campus*

Salary Range: $95,300.00-$158,900.00

This hiring range is a reasonable estimate of the base pay range for this position at the time of posting.  Pay is based on a number of factors which may include job-related knowledge, skills, experience, business requirements and geographic location

What We Offer

By choice, we don’t simply accept individuality – we embrace it, we support it, and we thrive on it! Our People First Culture celebrates diversity, equity and inclusion not simply because it’s the right thing to do, but also because it’s the key to our success. We are proud to foster an authentic and inclusive workplace For All. You are free and encouraged to bring your entire, unique self to work. First American is an equal opportunity employer in every sense of the term.

First American will consider for employment all qualified applicants, including those with arrest or conviction records, in a manner consistent with the requirements of applicable state and local laws (e.g., the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act).

First American intends to conduct a review of an applicant’s criminal history in connection with a conditional offer. First American reasonably believes that a criminal history may have a direct, adverse and negative relationship with the following material job duties for this position potentially resulting in the withdrawal of the conditional offer of employment: handling of confidential, proprietary or trade secret information belonging to First American or its customers, administrating or facilitating financial transactions, and the ability to meet customer-imposed criminal history requirements.

Based on eligibility, First American offers a comprehensive benefits package including medical, dental, vision, 401k, PTO/paid sick leave and other great benefits like an employee stock purchase plan.