Innovate here. And see your ideas come to life.
It's an exciting time to work in tech at Edward Jones. We are making massive investments in emerging technologies to improve how we work with our clients and with each other. Relationships are the focus of our business model. And working in Technology here means using your skills to build, deliver and maintain the technologies that enable us to deepen and support those relationships. The best part? We develop and create our own industry-leading solutions internally. And you can be a part of it. Working with emerging new technologies. Creating platforms, programs and experiences that change how we work together - and support our client-first focus. Changing the future of our firm, the industry and the advisor-client relationship.
Want more jobs like this?
Get jobs in Gunnison, CO delivered to your inbox every week.
Job Overview
Position Schedule: Full-Time
This job posting is anticipated to remain open for 30 days, from 18-Jul-2025. The posting may close early due to the volume of applicants.
The Senior Cybersecurity Risk Analyst will work at the direction of the Team Lead to independently perform advanced aspects of the cybersecurity awareness and governance, risk, and compliance (GRC) lifecycle. The Senior Cybersecurity Risk Analyst will have a broad level of understanding that allows them to overlay business, technology, security, and regulatory concepts to identify trends and draw unique conclusions that direct work and strategies related to risk identification and management. They will work as advocates of the security organization and with partners in IT and across the second and third lines of defense to ensure consistency and efficiencies throughout the Firm's overall GRC lifecycle. The main focus of this position is to mature, expand, and deliver training and awareness efforts related to cybersecurity regulatory and audit requirements, and other cybersecurity-related initiatives and requests.
What You'll Do:
- Create training and awareness campaigns that create an understanding of how to maintain and execute a process for performing varying levels of security risk assessments across the environment and train and provide oversight to Cyber Risk Analysts and Digital leaders on use. Actively use the processes to complete the most advanced and complex security assessments.
- Participate in a process and system for tracking regulatory requirements and agreed upon security framework requirements so as to creating training to provide oversight to Cyber Risk Analysts and Digital leaders on use. Ensure all appropriate Digital leaders maintain awareness and compliance with requirements that are applicable to their space.
- Create training and awareness campaigns that create an understanding of how to work with third-party risk teams to maintain and execute an ongoing assessment process for reviewing the cyber posture of third-party vendors that the Firm is using or is considering using to identify potential risks.
- Create training and awareness campaigns that create an understanding of the use of Key Performance Indicators and Key Risk Indicators, including structure around risk thresholds and actions to be taken when those thresholds are met.
- Create training and awareness campaigns that create an understanding of the work across the information security organization to deliver reporting of key aspects of the information security program through dashboards and monthly, trimester, and annual reports. Maintain processes to ensure that key items are escalated and reported on appropriately to varying levels of leaders, including up to the Firm's Enterprise Leadership Team.
- Ensure that the training and awareness campaigns help educate Home Office Associates, Financial Advisors, and Clients in how to protect themselves and the Firm from cyber threats. Maintain and execute against a framework for managing cybersecurity policies, standards and procedures. Provide oversight, guidance, and training on it to Cyber Risk Analysts and security teams, to ensure adoption and adherence to it.
- Maintain and execute against a framework for managing cybersecurity controls (both technical and process related) in a way that incorporates alignment of controls to regulatory requirements and security frameworks as well as tracks control completeness and effectiveness. Provide oversight, guidance, and training on it to Cyber Risk Analysts and security teams, to ensure adoption and adherence to it.
- Creation training and awareness campaigns that create an understanding of how to execute against a framework for identifying cybersecurity issues, and risks with clear and consistent ways of calculating severity, assigning remediation dates based on severity, and tracking and reporting on them to drive effective and timely mitigations.
Edward Jones' compensation and benefits package includes medical and prescription drug, dental, vision, voluntary benefits (such as accident, hospital indemnity, and critical illness), short- and long-term disability, basic life, and basic AD&D coverage. Short- and long-term disability, basic life, and basic AD&D coverage are provided at no cost to associates. Edward Jones offers a 401k retirement plan, and tax-advantaged accounts: health savings account, and flexible spending account. Edward Jones observes ten paid holidays and provides 15 days of vacation for new associates beginning on January 1 of each year, as well as sick time, personal days, and a paid day for volunteerism. Associates may be eligible for bonuses and profit sharing. All associates are eligible for the firm's Employee Assistance Program. For more information on the Benefits available to Edward Jones associates, please visit our benefits page.
Hiring Minimum: $84100
Hiring Maximum: $143100
Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act. Edward Jones is prohibited from hiring individuals with certain specified criminal history as set forth in Section 3(a)(39) and 15(b)(4) and Rule 17a-3(a)(12) of the Securities and Exchange Act of 1934, and conducts background reviews consistent with FINRA Rule 3110(e). A copy of a notice regarding the provisions of the Los Angeles County Fair Chance Ordinance is available at: dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf.
Read More About Job Overview
Skills/Requirements
What Experience You'll Need:
- Degree in Cyber Security, Computer Science, Computer Engineering, Information Systems or related field preferred
- Completed one training and certification in the Cybersecurity Governance, Risk and Compliance space (CISSP, CRISC, Sec+, CISA) preferred
- Expertise on current security threats and vulnerabilities and of how threat actors execute common attack paths
- Demonstrated experience related to security technologies, processes, requirements, challenges, and best practices
- Demonstrated expertise with regulatory requirements and common frameworks used by security organizations within the Financial Industry
- Expertise with core security components and best practices for an enterprise organization
- Demonstrated strong writing skills using both industry jargon and appropriate grammar
- Demonstrated the ability to effectively write training literature and conduct training session understood by executive leadership, technical subject matter experts, and Edward Jones clients
Read More About Skills/Requirements
Awards & Accolades
At Edward Jones, we are building a place where everyone feels like they belong. We're proud of our associates' contributions to the firm and the recognitions we have received.
Check out our U.S. awards and accolades: Insights & Information Blog Postings about Edward Jones
Check out our Canadian awards and accolades: Insights & Information Blog Postings about Edward Jones
Read More About Awards & Accolades
About Us
Join a financial services firm where your contributions are valued. Edward Jones is a Fortune 500¹ company where people come first. With over 9 million clients and 20,000 financial advisors across the U.S. and Canada, we're proud to be privately-owned, placing the focus on our clients rather than shareholder returns.
Behind everything we do is our purpose: We partner for positive impact to improve the lives of our clients and colleagues, and together, better our communities and society. We are an innovative, flexible, and inclusive organization that attracts, develops, and inspires performance excellence and a sense of belonging.
People are at the center of our partnership. Edward Jones associates are seen, heard, respected, and supported. This is what we believe makes us the best place to start or build your career.
View our Purpose, Inclusion and Citizenship Report.
¹Fortune 500, published June 2024, data as of December 2023. Compensation provided for using, not obtaining, the rating.
Edward Jones does not discriminate on the basis of race, color, gender, religion, national origin, age, disability, sexual orientation, pregnancy, veteran status, genetic information or any other basis prohibited by applicable law.
#LI-HO