The Senior IT Risk Management Analyst will assist the Director of IT Risk Management to ensure the global information securityrisk management process is implemented for world-wide information assets and systematically assures that risks have been identified and appropriately addressed.
This role will be responsible for the following world-wide functions: 1. IT Security Control Framework,
2. TechnologyRisk Assessments,
3. Risk Acceptance/Exception,
4. Security Governance Reviews and 5. Risk/Issue Tracking and Reporting. Other duties may be assigned as necessary.
- Conduct and/or coordinate IT securityrisk assessments for technology and security frameworks.
- Execute projects to close gaps.
- Facilitate multiple stakeholders to agree on appropriate solutions and verify that securityrisks are mitigated appropriately.
- Verify that requiredsecurity controls are baked into new products.
- Perform deep dives on IT security-related processes and systems.
- Identify system limitations that could lead to regulatory risks in new products and services, and provide guidance for resolution and risk mitigation.
- Stay abreast of innovative business and technology trends in IT security, risk, and controls and advise leadership on technology initiatives.
- Partner with key stakeholders to define and implement new IT security requirements within supporting systems.
- 6+ years of progressive experience in IT information security and/or audit.
- Excellent management and communication skills (verbal and written).
- Ability to collaborate with business partners in setting business goals and objectives.
- Knowledge of IT risk assessment methodologies and frameworks, IT policies and standards.
- Ability to manage and analyze data.
CISSP/CISA/CISM/CRISC or other relevant professional designation.