Information Governance Analyst

VeriSign   •  

Reston, VA

Industry: Professional, Scientific & Technical Services

  •  

8 - 10 years

Posted 26 days ago

This job is no longer available.

The Information Governance Analyst for Information Security Governance, Risk, and Compliance is in charge of supporting an enterprise-wide information security information governance program and will provide leadership and ownership for a variety of high-visibility initiatives.


Primary Responsibilities:

  • Lead internal efforts to develop, implement, and enforce enterprise-wide information-security requirements around the governance of data and information. These responsibilities include: documenting, providing recommendations for, analyzing, and assessing technical and management security controls for the identification, classification, inventory, security, retention, disposal, and monitoring of organizational data and information. Required to provide expert-level input and recommendations for process, control, tool, and technology changes to meet internal and external compliance and operational requirements.
  • Perform security audits, internal security assessments, risk assessments, support the management of independent external security audits and evaluate the organization's compliance with internal information governance requirements
  • Identify, analyze, and translate information governance observations into actionable, timely, and risk-based remediation plans
  • Assist with the development and management of the enterprise information security policies, standards, and procedures associated with information governance
  • Report to senior management about the effectiveness of the information governance program, and make recommendations for the adoption of new procedures, controls, and/or technologies
  • Effectively communicate security requirements, assessment results, and remediation efforts to senior management
  • Serve as a subject matter expert to internal security, privacy, and compliance stakeholders on specific topics/issues to enhance the establishment of the overall information governance program
  • Act as an advocate for internal customers and business units to enable success while managing security risks

QUALIFICATIONS

  • 8+ years progressively responsible experience in information security governance, risk and compliance
  • An ability to quickly complete assigned tasks from senior management with little or no supervision
  • Strong attention to detail and ability to create high quality work products suitable for executive-level review
  • Excellent written and oral communication skills are required
  • Must be able to summarize and communicate technical data to a non-technical audience
  • Strong project management skills
  • Must be highly-motivated, with a strong work ethic, and able to work effectively under supervision
  • Information Governance Professional (IGP) certification is highly valued. Professional security management certifications, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) are preferred
  • Systems (Windows/Linux/Unix) security engineering and/or network security engineering experience are a plus
  • Bachelor's degree in computer science, or related field required