Security Project Manager - contract roleApply now
This is a Non-Employee Contractual Worker or Temporary Worker providing services for TD Ameritrade. This Non-Employee role will be employed by TD Ameritrade’s preferred 3rd Party Supplier only.
As a Non-Employee Contractual Worker or Temporary Worker, the expectation is for the SRM Engagement Analyst to be focused on:
- Creating security requirements, associating security requirements to inherent risk characteristics, and communicating security requirements to project teams.
- Handing both general and technical security inquiries into Security Risk Management leveraging email, Slack, and other data feeds from external systems.
- Processing all new Idea and project requests that are brought to SRM’s attention to action for technical review.
- Receive project requests from various systems and review inherent risk characteristics
- Identify the security requirements relating to that need to be met based on inherent risk characteristics
- Create security requirements based on new standards, best practices, threats, and regulatory requirements, ratify security requirements with security engineers and architects
- Maintain security requirements matrix and update accordingly.
- Communicate and explain the security requirements to the project team that need to be met based on the inherent risk characteristics
- Determine based on inherent risk and project understanding what security teams will need to be potentially engaged
- Coordinate architects and engineers that need to be involved in a project and communicate to Product/Project teams who in SRM will be involved
- Gather the security requirements standards and guidelines from SRM Subject Matter Experts relating to Applications, Systems, Database, Network, and Cloud and communicate to product/project teams
- Organize all existing technical security standards and guidelines. Associate security standards and guidelines to archer policy statements.
- Validate that all necessary security groups are involved and that security requirements have been provided to the project/product teams
- Coordinate and oversee the integrations between Clarity, Archer Jira, and other platforms and systems relating to inherent risk question data feeds
- Work with Archer GRC team to automate security requirements based on inherent risk characteristics.
- Perform gap analysis of security standards and identify which ones are missing, outdated, and current.
- Establish process for regular review of security standards and guidelines with engineers to ensure that standards and guidelines are kept current and relevant to latest best practices, threats and regulatory requirements.
- Provide weekly status reports to SRM management of active projects that SRM is working on within Technology and Business Lines
- Provide updates to the project teams Product Owners about the status of the security review (architecture or engineering)
- Provide reports to SRM senior management on a regular basis regarding the health and performance of program
- Establish partnership with SRM team directors and staff and outline the responsibilities of the SRM Project office
- Understand the use of Clarity for new Idea and Project requests – ensure SRM is notified systematically from Clarity of Ideas that are converted to projects
- Establish and maintain partnerships with Agile Transformation Office (ATO) and Business Relationship Managers (BRM)to explain the different types of security requirements that need to be integrated as capabilities/features into projects and products
- Compile listing of most common security requirements that should need to be integrated into projects/systems from an Applications, Systems, Database, Network, Cloud and third party perspective
- 4 Year College Degree in Information Systems or Equivalent Experience
- Writing, project management, agile, process management, communication, and training
- Experience with Information Security frameworks and standards (i.e. CIS, NIST, ITIL)
- Strong working knowledge of NIST 800-53 r4 and r5
- Strong knowledge CIS (Center for Internet Security) Benchmarks and Baselines for Hardening Standards
- Strong technical writing ability for security requirements, standards, and guidelines
- Expertise in Agile frameworks such as Scrum or Kanban
- Strong experience with utilizing Slack to communicate with associates and subject matter experts
- Resourceful, creative, innovative, results driven, and adaptable
- Solid problem solving and analytical skills
- Competent designer of mixed-technology solutions
- Ability to perform in a fast-paced multidisciplinary environment
- Ability to partner with and influence peers to ensure security requirements are understood and met
- Strong writing, organizational, analytical and communications skills
- Experience with project management or managing a workflow
- Military education or experience may be considered in lieu of civilian requirements listed.
To all recruitment agencies: TD Ameritrade does not accept agency resumes without a signed contract and use of the agency portal. Please do not forward resumes to our job alias, TD Ameritrade employees or any other company location. TD Ameritrade is not responsible for any fees related to unsolicited resumes.
- St Louis, Missouri;
- ID# R-768
- Full time
- Senior Level Professional
- Contract Assignment
Job alertsReceive the latest career opportunities
About TD Ameritrade
As a leader in brokerage and investment services for nearly 45 years, TD Ameritrade offers a full spectrum of powerful solutions and innovative tools for trading and investing. We're constantly expanding our knowledge and boosting our capabilities, from a leading active trader program to intuitive long-term investment solutions, and a national branch system. Combine that with some of the industry's brightest minds, and there's no limit to how big our accomplishments can be.
From first-time investors to sophisticated traders, our technology is focused on helping individuals seek out their financial goals. And you're the ambassador to all that we do. Beginning with our trading platform and proprietary technology that aims to outperform, you'll maintain the high level of quality and integrity we're known for, each and every day. With the right opportunity, there's no limit to what you can accomplish.
As a leading employer in financial services, we believe in building strong relationships, achieving quality results and working with integrity. It's at the heart of everything we do. That's why we provide you with comprehensive training, benefits, and programs that inspire you to achieve more every day. Apply to a TD Ameritrade job today and help our clients pursue their dreams, while you fulfill yours.
Applicants must be eligible to work in the U.S. Immigration sponsorship is typically not available for this position.
TD Ameritrade participates in the E-Verify program. For additional information on this program please click here.