ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    IT Risk Analyst 1yr Contract to Hire

    IT Careers
    1
    1
    204
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • IRJI
      IRJ
      last edited by

      Located in the Orlando, Florida area...

      Contract IS Risk Assessment Analyst – Job Description

      Position Summary

      The IT Governance, Risk Management & Compliance Analyst is responsible for working with the GRC Leadership team, Information Technology, Business Units, other relevant departments to analyze and implement IT Security & Risk Management frameworks, policies, standards and best practices. Assists in translating industry, government and contractual compliance requirements (PCI-DSS, HIPAA, NIST, etc.) into IT Security & Risk Management frameworks, policies, standards & best practices. Coordinates remediation of non-compliant areas of IT. Supports and coordinates internal and external audits for the areas of IT Security, Risk Management & Compliance. Assists in development and implementation of IT security awareness programs for both technical and non-technical audiences.

      Essential Functions

      • Supports the work of the IT Security Governance, Risk Management & Compliance (GRC) department who are responsible for analyzing and implementing IT Security & Risk Management frameworks policies, standards and best practices.
      • Executes regular or scheduled tasks as assigned, summarizing and reporting findings, ensuring that audit issues and associated root causes are understood, well defined and presented to GRC leadership.
      • Assist in the development of formal written reports to communicate audit results to management and makes recommendations as appropriate.
      • Works with GRC Leadership, Information Technology and Business Units to document and implement IT Security & Risk Management frameworks, policies, standards and best practices.
      • Supports and coordinates internal and external audits for the areas of IT Security and Risk Management.
      • Coordinates remediation for non-compliant areas of IT.
      • Maintain a high level of technical expertise on selected vendor products to assist team leadership in identifying the ones that best meet the organization needs.
      • Maintains up to date knowledge of security laws, principles and best practices.
      • Stay current with emerging threats and trends.
      • Assist teams in various security and privacy risk mitigation efforts.
      • Monitor and process Service ticket queues.
      • Assists with vulnerability management.
      • Conduct risk assessments and audits on the organization's information technology infrastructure.
      • Identify Cyber Security threats/Vulnerabilities and escalate to senior team members.
      • Work with a team of Cyber Security Engineers across multiple software programs.
      • Ability to work individually and on team projects in an environment of teamwork and cooperation.
      • Performs general project planning tasks such as project risk assessments, alternative implementation analysis, and project status tracking and reporting.

      Education/Training

      Associate’s degree in Computer Science (or equivalent). Two (2) years of directly related work experience may substitute for the Associate’s degree (in addition to the requirements listed in the Experience section)

      Licensure/Certification

      Required: At least one Security Governance, Risk and Compliance related certification (Security+/CISSP/GIAC/CRISC/ CGEIT/ PMI-RMP/ CRMA/ GRCP etc…)

      Experience
      Three (3) years’ experience in information technology including one year of IS Security Risk Assessment related experience.

      1 Reply Last reply Reply Quote 2
      • 1 / 1
      • First post
        Last post