Description

CW-Cyber Security Analyst III
The Sr. Info Security Analyst drafts, communicates, implements, enforces and monitors the organization's security controls to protect technology assets from intentional or inadvertent modification, disclosure or destruction. Under limited supervision, this job works independently to manage and monitor the organization's IT systems and networks to ensure the security and safety of the organization's information.

Key Responsibilities and Duties

• Ensures implementation of secure operating systems, networks and databases for the organization.
• Performs complex risk assessments and executes tests of data processing system to ensure functioning of data processing activities and security measures.
• Drafts plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
• Encrypts data transmissions and erect firewalls to conceal confidential information as it is being transmitted and to keep out tainted digital transfers.
• Facilitates risk audits and assessments and provides recommendations for application design to ensure operating effectiveness.
• Monitors analysis of system access logs, ensuring only permitted individuals have access to company information.
• Reviews violations of computer security procedures and discusses procedures with violators to ensure violations are not repeated.
• Trains users and promotes security awareness to ensure system security and to improve server and network efficiency.

Educational Requirements

• University (Degree) Preferred

Work Experience

• 3 Years Required; 5 Years Preferred

Physical Requirements

• Physical Requirements: Sedentary Work

Career Level
7IC

Leadership & Strategy

• Lead the cybersecurity team, providing mentorship, guidance, and performance management.
• Develop and execute the organization's cybersecurity strategy aligned with business goals.
• Collaborate with IT leadership and stakeholders to assess risk and define security priorities.

Microsoft Security Operations

• Administer and optimize Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365.
• Manage and monitor Microsoft Sentinel for threat detection, incident response, and log analytics.
• Implement and maintain Microsoft Purview for data governance, compliance, and information protection.
• Oversee Entra ID (Azure AD) identity and access management, including Conditional Access and Privileged Identity Management (PIM).
• Conduct regular reviews of security configurations and policies across Microsoft 365 and Azure environments.
• Conduct monthly Attack Simulations

Threat Management & Incident Response

• Lead threat hunting and incident response activities using Microsoft XDR and SIEM tools.
• Develop and maintain playbooks for automated response in Sentinel and Defender.
• Coordinate with internal teams and external partners during security incidents and investigations.

Governance, Risk & Compliance

• Ensure compliance with industry standards (e.g., NIST, GDPR, LGPD, DORA, other local data privacy laws).
• Conduct risk assessments and vulnerability scans; manage remediation efforts.
• Maintain documentation for security policies, procedures, and audit readiness.

Training & Awareness

• Promote security awareness across the organization through training and communication.
• Stay current with emerging threats, vulnerabilities, and Microsoft security innovations.

Leadership & Strategy

• Lead the cybersecurity team, providing mentorship, guidance, and performance management.
• Develop and execute the organization's cybersecurity strategy aligned with business goals.
• Collaborate with IT leadership and stakeholders to assess risk and define security priorities.

Microsoft Security Operations

• Administer and optimize Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365.
• Manage and monitor Microsoft Sentinel for threat detection, incident response, and log analytics.
• Implement and maintain Microsoft Purview for data governance, compliance, and information protection.
• Oversee Entra ID (Azure AD) identity and access management, including Conditional Access and Privileged Identity Management (PIM).
• Conduct regular reviews of security configurations and policies across Microsoft 365 and Azure environments.
• Conduct monthly Attack Simulations

Threat Management & Incident Response

• Lead threat hunting and incident response activities using Microsoft XDR and SIEM tools.
• Develop and maintain playbooks for automated response in Sentinel and Defender.
• Coordinate with internal teams and external partners during security incidents and investigations.

Governance, Risk & Compliance

• Ensure compliance with industry standards (e.g., NIST, GDPR, LGPD, DORA, other local data privacy laws).
• Conduct risk assessments and vulnerability scans; manage remediation efforts.
• Maintain documentation for security policies, procedures, and audit readiness.

Training & Awareness

• Promote security awareness across the organization through training and communication.
• Stay current with emerging threats, vulnerabilities, and Microsoft security innovations.

Company Overview
At TIAA, we're on a mission to build on our 100+ year legacy of delivering for our clients while evolving to meet tomorrow's challenges. We equip our associates with future-focused skills and AI tools that enable us to advance our mission. Together, we are fighting to ensure a more secure financial future for all and for generations to come. We are guided by our values: Champion Our People, Be Client Obsessed, Lead with Integrity, Own It, and Win As One. They influence every decision we make and how we work together to serve our clients every day. We thrive in a collaborative in-office environment where teams work across organizational boundaries with shared purpose, accelerating innovation and delivering meaningful results. Our workplace brings together TIAA and Nuveen's entrepreneurial spirit, where we work hard and work together to create lasting impact. Here, every associate can grow through meaningful learning experiences and development pathways-because when our people succeed, our impact on clients' lives grows stronger.
Benefits and Total Rewards
The organization is committed to making financial well-being possible for its clients, and is equally committed to the well-being of our associates. That's why we offer a comprehensive Total Rewards package designed to make a positive difference in the lives of our associates and their loved ones. Our benefits include a superior retirement program and highly competitive health, wellness and work life offerings that can help you achieve and maintain your best possible physical, emotional and financial well-being.

To learn more about your benefits, please review our Benefits Summary.
Equal Opportunity
We are an Equal Opportunity Employer. TIAA does not discriminate against any candidate or employee on the basis of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other legally protected status.

See our full Equal Employment Opportunity & Non-Discrimination statement below. You can read more about your rights and view government notices here.
Accessibility Support
TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities.

If you are a U.S. applicant and desire a reasonable accommodation to complete a job application, please use one of the below options to contact our accessibility support team:

Phone: (800) 842-2755

Email: accessibility.support@tiaa.org
Drug and Smoking Policy
TIAA maintains a drug-free and smoke/free workplace. Please see our Drug-Free and Smoke-Free Policy to learn more.
Privacy Notices
For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click here.

For Applicants of TIAA, Nuveen and Affiliates residing in California, please click here.

For Applicants of TIAA Global Capabilities, click here.

For Applicants of Nuveen residing in Europe and APAC, please click here.

We are an Equal Opportunity Employer. TIAA does not discriminate against any candidate or employee on the basis of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other legally protected status.

Read more about your rights and view government notices here.



r1d4rh5eu