Cybersecurity Risk Analyst
Cybersecurity Risk Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Position Summary:
MUST HAVE US CITIZENSHIP OR GREEN CARD NO CANDIDATES NEEDED VISA SPONSORSHIP NOW OR ANY TIME IN FUTURE.
The Information Risk Analyst/Consultant is responsible for creating risk assessment questionnaires performing risk assessments of applications (onpremises and cloud) infrastructure (onpremises and cloud) as well as vendors assessments against a defined risk framework. These assessments will be conducted through a formalized risk assessment program. The Information Risk Analyst will have the ability to identify risks that are associated how business and technology workforce utilize information technology and in supporting technological systems.
Principal Responsibilities:
Research technology security issues cybersecurity best practices and create risk assessments questionnaires that can be used to assess applications and infrastructure.
Schedule and perform information risk assessments using methodology; identify document and communicate control deficiencies in business processes and technology systems.
Partner with the Enterprise IT to agree on cybersecurity risk findings identified through the risk assessment (e.g. Databases Operating Systems Networking Devices Storage Systems Cloud Systems etc. new initiatives and ad hoc processes.
Provide risk remediation recommendations that the business and technology may implement to mitigate identified control gaps.
Partner with business and IT to ensure that risks are clearly articulated in a manner that is understood by business and technology audiences.
Evaluate management responses to ensure that remediation plans and tasks adequately address identified control gaps.
Create asse3ssment reports and dashboards that will be communicated with various IT owners.
Document risk issues in the designated risk register
Assist the business and technology groups through the process for policy exceptions and risk acceptance.
Participate in and influence information risk assessment process improvement.
Experience:
5 years of risk assessment experience in one or more areas: application infrastructure vendor risk management
Financial Services Industry experience a plus but not required.
Note: Candidates with previous Financial Services Industry background will be given preference over others.
Proficiency with Information Risk Management best practices
Proficiency with information technology in general and cybersecurity technical issues
Knowledge and Skills Required:
Proven technical knowledge of infrastructure networks databases and systems and how they affect an organizations cybersecurity risk.
Proven knowledge of security methodologies policies standards and best practices.
Proven knowledge of information technology systems infrastructure and operations.
Ability to explain and articulate technical concepts using both technical and nontechnical terms.
Critical thinking and analytical skills.
Excellent presentation skills (MS PowerPoint)
Ability to manipulate data in a spreadsheet (MS Excel)
Ability to work collaboratively by building consensus and influencing decision making to foster forward progress with projects and initiatives.
Strong oral and written communication skills.
Excellent organizational skills coupled with ability to be versatile and flexible.
Sound business judgment and the ability to work successfully with all levels of management.
Excellent grammar and style skills; ability to adapt writing style for different audiences and media.
Education Training and Certification:
Bachelors degree preferred.
CISSP/CISM/CRISC/CCSP certification preferred
Hybrid Office Schedule: 3 Days Onsite/2 Remote
Role can be based in the following locations:
- Dallas Texas
- Tampa Florida
- Jersey City New Jersey
Contract w/option for Direct Hire conversion
Employment Type
Full Time
