GIS Risk Management Analyst

Activision Blizzard   •  

Santa Monica, CA

Industry: Hospitality & Recreation

  •  

Less than 5 years

Posted 178 days ago

This job is no longer available.

He/she will provide direct support to the GIS Director, Risk, Engineering & Architecture and follow up on necessary action items for the GIS Director, Risk, Engineering & Architecture team, and provide subject matter expertise from a security risk management perspective as needed

 

Responsibilities include, but are not limited to:

  • Assess, track document, and report on information security risks and controls
  • Conduct application, project, contract and third-party risk assessments and continuous monitoring of key risk indicators and key performance indicators
  • Execute the full lifecycle of third party assessments against third parties on an ongoing basis
  • Monitor, evaluate, and maintain systems and procedures to assess security risk of project, application, contract, and third-party information security risk assessments
  • Maintain process for tracking and reporting on risk through risk register solution
  • Enhance and maintain the enterprise vulnerability management program
  • Educate and communicate security requirements and procedures to IT system owners and others
  • Write and edit reports, and other documents to transfer information regarding security risks and controls to executives, project managers, system owners, business unit managers and others

Primary skillset:

  • Demonstrated experience in information security, security products/systems, security risk analysis or other directly related technical experience
  • Strong analytical, interpersonal and communication skills Successfully applies security principles to a diverse range of risk scenarios to coordinate acceptable solutions between business needs, technology operations, and information security best practices.
  • Assist in designing and supporting the overall security architecture of the enterprise systems environment
  • Interface with the GIS Operations team regularly to assist in operationalizing and integrating ongoing incident response and cyber intelligence outputs into necessary infrastructure/tools
  • Prepare system security reports by collecting, analyzing, and summarizing data and trends.
  • Determine security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
  • Update job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations
  • Expectation of off-hours support, responsiveness and availability in response to security related incidents, material developments which could create risk to the Company, known threats etc.

 

Player Profile

  • Bachelor’s degree in Computer Science, Information Systems, other related field; or equivalent work experience
  • Minimum of three years of information security experience in a corporate or consulting environment
  • Minimum of two years of information security risk experience in a corporate or consulting environment
  • Demonstrated exceptional passion and drive for cyber security as evidenced by self-driven past accomplishments that had significant positive impact to shareholders preferred
  • Knowledge of compliance regulations (e.g. GDPR, PCI, SOX)
  • Any one or more of the following preferred
  • Certified Information Systems Security Professional (CISSP) from ISC2
  • (any) Global Information Assurance Certification (GIAC) from SANS
  • Knowledge of common information security management frameworks and practices such as ISO/IEC 17799:2005 and ISO/IEC 270xx, National Institute of Standards and Technology (NIST), and the United States Computer Emergency Readiness Team (US-CERT)
  • Effective technical skills to understand the ramifications of various system security recommendations and decisions
  • Excellent oral/written communication, problem solving and analytical skills
  • Ability to work independently and as part of a team to achieve desired objectives and project results
  • Ability to interface effectively and decisively with all levels of management, departments and outside vendors.

 

INF0000AP