Senior Analyst, Information Security (Risk Management)
jobs-near-me.org
Overview
Overview:
The candidate is expected to work in the risk management and information security domains and support audit both internal and external
The candidate is expected to have a working knowledge of business continuity and disaster recovery
The candidate is expected to effectively conduct vendor risk assessments, vendor audits, and review vendor requirements globally and be the point of contact for all such initiatives
The candidate should have good communication and presentation skills, can work well independently and with other teams, and be available for travel on an as needed basis
The candidate can support the continued use of automation wherever possible to improve efficiency and accuracy of the risk management program
Ability and desire to work in a fast paced, test-drive, agile, collaborative and iterative programming environment
Ability to think clearly and articulate your vision with the appropriate technical depth
Responsibilities
Risk Management
Assist with the review and improvement of the risk register
Assist with the development and tracking risk treatment plans
Vendor Risk Management
Perform vendor risk and security profile assessments, evaluate vendor responses including the potential for creating action items and maintain records
Business Continuity (DR) and Disaster Recovery (DR)
Help oversee the business continuity and disaster recovery program starting with policy and plan development and maintenance through the exercise processes and action item remediation
Assist with the annual BC/DR business impact analysis and risk assessments
Change Management
Assist with the review of weekly change management activities including the weekly change advisory board meeting
Incident Response
Assist with incident response program from management of the incident to remediation, reporting and tracking
Audit
Assist in coordination and remediation of all audits including internal, client, and certification audits
Coordinate and track remediation efforts across multiple teams resulting from any of the programs overseen by the Risk Management vertical
Build and maintain policies and procedures regarding all aspects of responsibilities
Qualifications
Requirements/Qualifications:
Bachelor’s degree
Knowledge of risk management, vendor risk management, business continuity, disaster recovery, change management and incident response
Knowledge of Data Privacy and Cyber Security Frameworks such as GDPR, HIPAA, CCPA, NIST, ISO 27001, etc.
Experience handling projects and involvement with audits