Security Compliance Analyst - REMOTE

Remote: Full Remote

Offer summary

Qualifications:

  • Bachelor’s degree in computer science or related discipline, or equivalent experience required.
  • Risk management, governance or security certification (CRISC, CGEIT, CISSP, CISM, CISA) or ability to obtain within six months.
  • Five years of related work experience, including three years in Internal IT Systems Auditing and three years in internal control projects in the financial industry required.
  • Strong communication skills and proficiency in word processing and spreadsheet applications.

Key responsibilities:

  • Audit user and system security configurations for compliance with internal and external requirements.
  • Provide ongoing guidance and support to promote a sustainable compliance culture within the organization.
  • Prepare and provide updates for monthly internal and external compliance reports.
  • Assist in the development of processes to identify, analyze, and report on Technology Risk and Compliance status.

Velera https://www.velera.com
1001 - 5000 Employees

Job description

Join the People Helping People

PSCU/Co-op Solutions is now Velera! PSCU and Co-op Solutions became a single entity on January 2, 2024, and our new company name was announced on May 7, 2024. Our new brand represents our combined company’s shared mission and unique ability to drive velocity and positive momentum for credit union success in a new era of financial services.

The Opportunity:

This position provides support for IT Compliance Programs, and will research risks, identify issues, develop solutions, and provide related reporting, training and other duties.  Incumbent will oversee and gather information related to the ongoing activities within Velera, including creation and development of information security metrics for senior leadership.  Incumbent will report on top departmental and corporate compliance priorities and will own execution and process to meet stated priorities. Incumbent will also collaborate with functional ITS and business leaders to drive IT compliance practices and adoption.

Day in the Life:

  • Audit user and system security configurations for compliance with internal and external requirements
  • Perform audits and follow up on corrective actions; Participate in internal audit activities performed for compliance verification; Interact and coordinate with appropriate business unit resources for audit participation
  • Provide information to management regarding negative business impact caused by violation of confidentiality, integrity or availability of information and information systems
  • Understand application of security concepts across a broad scope of information technology areas including data communications, network design, operations, database structures, operating systems, application development, security risk assessment, and disaster recovery
  • Provide ongoing guidance and support to the organization to promote a progressive and sustainable compliance culture
  • Prepare and provide updates for monthly internal and external compliance reports
  • Document and maintain risk-based compliance policies and procedures; Develop various materials for use on ITS's compliance intranet site
  • Coordinate training material and monitoring records and the distribution of regulatory information to the appropriate personnel
  • Implement and maintain operational plans for key control activities to ensure compliance with regulatory, legal, and corporate or functional related policies and procedures; Respond to internal and external inquiries and requests for information to clarify regulatory requirements
  • Assist in development of processes to identify, quantify, analyze, and report on Velera Technology Risk and Compliance status
  • Function as a liaison between business units with compliance responsibilities to collect, report, and retain compliance documentation and reports
  • Identify ongoing process improvements, operational gaps, and potential remediation steps; assist and/or lead process re-design and coordination of remediation efforts and remediation status reporting
  • Maintain knowledge of legislation and regulation changes related to the financial industry; understanding of applicable finance industry security and privacy regulations, procedures and issues, and assist in leading internal efforts to ensure the organization remains compliant with such laws and regulations
  • Lead and/or participate in special project teams supporting general business initiatives outside of the primary security function
  • Perform QA reviews of IT controls related work products (e.g., user attestations packages) and client assistance documentation prior to delivering to internal and external auditors, clients, and business partners.
  • Perform other duties as assigned

Qualifications:

  • Bachelor’s degree in computer science or related discipline, or equivalent combination of education and experience required. 
  • Risk management, governance or security certification (CRISC, CGEIT, CISSP, CISM, CISA) or ability to obtain within six months.  
  • Project Management certification (PMP) preferred.
  • Five (5) years of related work experience, including a combination of at least three (3) years’ experience in Internal IT Systems Auditing and three (3) years’ experience in internal control projects in the financial industry required.
  • Prior experience with user access reviews, user attestations, and user certifications is required.
  • Working knowledge of SSAE 16 and PCI requirements
  • Working knowledge of ISO27000 series of standards, PCI, COBIT, ITIL, and Sarbanes Oxley rules surrounding IT
  • Working knowledge of NACHA
  • Working knowledge of OFAC, BSA, GLBA, Patriot Act and other Federal or State laws that impact National Security requirements or privacy
  • Strong communication skills, including written skills relating to issue documentation and reporting to executive management and the audit committee
  • Proficiency in word processing and spreadsheet computer software applications
  • Ability to travel as needed to successfully perform position responsibilities

  

About Velera

At Velera we are committed to fostering a workplace where every employee feels valued, respected, and connected. We understand, attract and engage a diverse workforce where every employee can live up to their full potential, ensuring that our employee base reflects the consumers we serve. The result of this effort is an inclusive environment where diverse talent thrives. We strive to foster a safe and inclusive work environment for people to bring their authentic selves in order to build a better community within our company and with our partners. Learn more about our commitment to Diversity, Equity, and Inclusion HERE!

Pay Equity

$84,900.00 to $108,200.00

Actual Pay will be adjusted based on experience and other job-related factors permitted by law.

Great Work/Life Benefits!

  • Competitive wages

  • Medical with telemedicine

  • Dental and Vision

  • Basic and Optional Life Insurance

  • Paid Time Off (PTO)

  • Maternity, Parental, Family Care

  • Community Volunteer Time Off

  • 12 Paid Holidays

  • Company Paid Disability Insurance

  • 401k (with employer match)

  • Health Savings Accounts (HSA) with company provided contributions

  • Flexible Spending Accounts (FSA)

  • Supplemental Insurance

  • Mental Health and Well-being: Employee Assistance Program (EAP)

  • Tuition Reimbursement

  • Wellness program

  • Benefits are subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions

Velera is an Equal Opportunity Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law.

Velera is an Equal Opportunity Employer that complies with the laws and regulations set forth in the following "EEO is the Law" Poster and the "EEO is the Law" Poster Supplement. Velera will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the legal duty to furnish information.


Velera is an E-Verify Employer. Review the E-Verify Poster here (English and Spanish). For information regarding your Right To Work, please click here (English and Spanish poster).

As an ongoing commitment to reasonably accommodate individuals with disabilities, please contact a recruiter at recruiters@velera.com for assistance.

Required profile

Spoken language(s): English

Other Skills

  • Governance
  • Report Writing
  • Communication
  • Time Management
  • Teamwork
  • Problem Solving
