Navient (Nasdaq: NAVI) provides asset management and business processing solutions to education, healthcare and government clients at the federal, state, and local levels. We help our clients and millions of Americans achieve financial success through our services and support. Headquartered in Wilmington, Delaware, Navient employs team members in Western New York, Northeastern Pennsylvania, Indiana, Tennessee, Texas, Virginia, and other locations. Learn more at navient.com.
The FISMA Compliance Analyst II is responsible for developing and executing control test plans for assigned critical processes and associated integrated controls (including Sarbanes-Oxley). The incumbent must become familiar with NIST requirements (NIST 800-53) as well as FFIEC, HIPAA, GLBA, PCI and other regulatory frameworks. This position is responsible for working with IT areas to ensure critical processes have been analyzed and documented. The incumbent must ensure that adequate testing is performed on assigned control tests.
The FISMA Compliance Analyst II is also responsible for issue identification and remediation validation. This position will require effective and timely communication and documentation of issue statuses. Some communication with senior management may be required and will be verbal as well as written. The incumbent will work with control owners to gather evidence for control testing, as well as for remediation validation.
The position will be responsible for certain requirements around federal boundaries. The incumbent must become familiar with the boundaries currently supported and the process to maintain an authority to operate. Additionally, this position will be involved in other projects as assigned that may be regulatory, security, IT or risk related.
This position will support a federal government contract. Applicants must be able to obtain Public Trust security clearance as required of federal government contractors to include a background check conducted by the U.S. Government to determine eligibility and suitability for federal contract employment for public trust or sensitive positions. For this level of clearance, applicants must possess U.S. citizenship.
- Bachelor's Degree in Computer Science, Information Systems, Business, Accounting or equivalent experience
- 2 years minimum experience in Information Technology, Information Security and/or auditing/controls testing
- Ability to meet project due dates.
- Excellent written and verbal communication skills, including presentation skills.
- Ability to simultaneously work on multiple projects.
- Ability to recognize/analyze/and document deficiencies and articulate those deficiencies to key management personnel.
- Excellent organizational skills.
- Excellent analytical skills and problem-solving ability.
- Ability to make recommendations and decisions independently.
- Ability to perform well under pressure and to work independently with high levels of initiative.
- Proficient in Microsoft Excel.
- Certified Information Systems Auditor (CISA) or Certified Internal Auditor (CIA)
- FISMA/NIST, FFIEC, HIPAA, GLBA, and/or PCI regulatory framework experience and knowledge
All offers of employment are contingent on standard background checks. Navient and certain of its affiliated companies are federal, state and/or local government contractors. Should this position support a Federal Government contract, now or in the future, the successful candidate will be subject to a background check conducted by the U.S. Government to determine eligibility and suitability for federal contract employment for public trust or sensitive positions. Positions that support state and/or local contracts also may require additional background checks to determine eligibility and suitability.
EOE Race/Ethnicity/Sex/Disability/Protected Vet/Sexual Orientation/Gender Identity. Navient Corporation and its subsidiaries are not sponsored by or agencies of the United States of America.
Navient is a drug free workplace.
Certified Information Security Manager
Certified Internal Auditor
Federal Information Security Management Act