Ocwen is intensely focused on hiring, developing and retaining the best talent in the industry! Our commitment to Diversity & Inclusion ensures that we are an organization that creates, promotes and sustains an inclusive work environment in which diversity, inclusiveness and respect are integral parts of our culture and work environment. Building the reputation as an outstanding place to work, a great business partner and a valued community member is our everyday endeavor.
Ocwen’s mission is to delight our customers through caring service and innovative lending solutions. We proudly serve over 1.3 million families with their mortgage needs by helping to find real solutions that benefit our customers and help to build stronger communities. Helping Homeowners is What We Do!®.
Consider an opportunity to join our global team and put “Caring in Action” while growing your career.
• The Incumbent would be responsible to assist in creation, implementation of Security Governance Policy Framework, Audits and review processes.
• This position will give an opportunity to work for governance on system/application access control and associated compliance across all Ocwen applications.
• Hand-on Experience in implementing User Access Management and designing overall governance framework using standards like ISO 27001 / ITIL is a must
• This is a global role engaging stakeholders (at all levels) across geographies like India, Philippines and US
• This position will report to the Manager or Senior Manager Information Security and is expected to work independently on tasks assigned
• Certifications such as ISO27001 LA, CISA equivalent is preferred
• Information security team is a healthy mix of exuberance, expertise and experience
• Perform and oversee Information Security Policy Framework and reconciliation applications
• Review Security Architecture of application (including third party); identifying integration issues related to federation, researching information security standards and make recommendations for adequate user access monitoring.
• Good understanding of Authentication techniques like LDAP, Kerberos, SSO, PKI
• Fair understanding of Authentication mechanism in cloud based applications
• Basic understanding of emerging solutions like Identity as a Service
• Good understanding of Entitlement management and enforcement of logical access controls
• Review/Audit of Business Processes at periodic intervals
• Works independently on security, authorization and user administration related requests
• Assist and perform in Access Management related admin tasks e.g. dashboards and Report preparation for senior management on security metrics.
• Fair understanding of Application Security areas like Authentication, Authorization, Session Management, Cryptography etc.
• Identify critical applications and perform AppSec testing of new applications and Tier 1/Tier 2 applications yearly
• Identify issues/gaps in external pen test and online security assessment and Ensure security issues are tracked to closure.
• 7-10 years of progressive experience in one or more of the following: internal/external IT and business process auditing, sourcing advisory, vendor management roles with 2 years’ experience in either auditing or sourcing
• Extensive experience in Information Security and/or BCP/DR with an audit perspective
• Extensive experience with the latest regulatory, compliance, information technology and security policies, standards and procedures such as GLBA, SOX, ISO27000 Standards, CoBiT, COSO, FFIEC, etc.
• Bachelor’s degree from an accredited college / university. Management degrees MS, M. Tech or MBA in relevant field would be an added advantage.
o Certified Information Systems Auditor (CISA) or ISO 27001 : 2013 LA
• Demonstrated experience in conducting vendor assessments, and risk reviews
• Demonstrated experience in a multi-vendor environment and Project Management role preferred
• Experience with user authentication related protocols such as OAUTH2, SAML, OpenID, ADFS
• Network security experience with Firewalls, Routers, Switches, VPN, VOIP, etc., preferred
• Server security experience with hardening, vulnerability assessments, patch management preferred
• Experience with access control gateways, role management, multifactor authentication and directory services
• Knowledge and understanding of current DR planning techniques, industry standards and methodologies including BIA process, risk analysis procedures and RTO/RPO measurements preferred
• Excellent organizational, skills, detail oriented, logical, and systematic with the ability to multi-task and drive projects to successful conclusion; must be able to gather and interpret relevant information; must have experience presenting conclusions in a clear and concise manner; with ability to work in a high value and strict deadline environment
• Demonstrated track record of leadership, collaboration skills, and project management
• Understanding of various cloud models including Amazon, Azure, Oracle and Cloud Security.
• Strong proficiency in Microsoft Office applications: MS Excel, Word, PowerPoint) with a general understanding of data analysis techniques
• Excellent verbal and written communication skills with a demonstrated ability to build and maintain relationships within the organization
Ocwen Financial Corporation, our affiliates and subsidiaries (“Ocwen”) is an Equal Opportunity Employer. Ocwen and its affiliated companies recruit and hire qualified candidates without regard to race, religion, color, sex, sexual orientation, age, national origin, citizenship and veteran or disability status, or any factors prohibited by law.