Sr. IT Security Risk Analyst (Apps/ Infra/ Vendor Risk) — JC, PL

Sr. IT Risk Analyst (Apps/ Infra/ Vendor Risk Assessment), Jersey City, Dallas or Tampa, Contract to Hire, USC/GCH/EAD only, Information security risk, Applications, Infrastructure, Third Party/ Vendor Risk Management, Assessment & Reporting, Certifications/ CISSP/CISM+
  • Location: Jersey City, New Jersey
  • Type: Contract To Hire
  • Job #3901

Sr. IT Risk Analyst (Applications/ Infra/ Vendor Risk Assessment), Jersey City, Contract to Hire, USC/GCH/EAD only, Information security risk, Applications, Infrastructure, Third Party/ Vendor Risk Management, Assessment & Reporting, Certifications/ CISSP/CISM+
=======================

This is a pipeline role*. Please read below for full description.

Position Title:
Information Risk Analyst – Information Security

Position Summary:
The Information Risk Analyst is responsible for performing risk assessments of applications, infrastructure, business and technology vendors against a defined risk framework. These assessments will be conducted either through a formalized risk assessment program or through other risk reporting activities (e.g., policy exceptions, risk acceptance). The Information Risk Analyst will have the ability to identify risks in the way that a business and technology utilize information and the supporting technological systems.

Principal Responsibilities:
• Participate in and influence information risk assessment process improvement
• Schedule and perform information risk assessments using client's methodology; identify, document and communicate control deficiencies in business processes and technology systems
• Partner with the business and technology to agree cybersecurity risk findings identified through the risk assessment (e.g., vendor, application, infrastructure), new initiatives, and ad hoc processes
• Provide risk remediation recommendations that the business and technology may implement to mitigate identified control gaps
• Partner with business and IT to ensure that risks are clearly articulated in a manner that is understood by business and technology audiences
• Evaluate management responses to ensure that remediation plans and tasks adequately address identified control gaps
• Document risk issues in the client's designated risk register
• Assist the business and technology groups through the client's process for policy exceptions and risk acceptance

Experience:
• 5 – 7 years of risk assessment experience in one or more areas: application, infrastructure, vendor risk management
• Financial Services Industry experience a plus but not required
• Proficiency with Information Risk Management best practices

Knowledge and Skills Required:
• Proven knowledge of technical infrastructure, networks, databases and systems and how they affect an organization’s cybersecurity risk
• Proven knowledge of security methodologies, policies, standards and best practices
• Proven knowledge of information technology systems, infrastructure and operations
• Ability to explain and articulate technical concepts using both technical and non-technical language
• Critical thinking and analytical skills
• Excellent presentation skills (MS PowerPoint)
• Ability to manipulate data in a spreadsheet (MS Excel)
• Ability to work collaboratively by building consensus and influencing decision making to foster forward progress with projects and initiatives
• Strong oral and written communication skills
• Excellent organizational skills, coupled with ability to be versatile and flexible
• Sound business judgment and the ability to work successfully with all levels of management
• Excellent grammar and style skills; ability to adapt writing style for different audiences and media

Education, Training and Certification:
Bachelor’s degree preferred
CISSP/CISM/CRISC certification preferred

 

——————–

Why work with me when you see the same position advertised with others?

  • I am a senior staffing professional not a junior recruiter who doesn't know what they are doing yet. I can answer your questions immediately. I know your skill set.
  • Resume won't get lost in the "black hole"
  • Feedback and follow through
  • Resume review, create relevancy
  • Better information on the company culture
  • Inside information on the hiring manager, team, the ideal profile, etc.
  • The best Interview preparation you will ever experience

Email me if you have any questions: kathleen.griffiths@sg.com or InMail me on LI or message me http://www.linkedin.com/in/kathleengriffiths/

*Sixty percent of all job openings for large corporations are really “pipeline roles” – they are not really meant to be filled in the next month which is frustrating for job seekers. They either have a large group of people in this role that are term limited or converted to full-time or they are very specific about the skill set. If you send your resume then we have it on file and if I feel you are a fit for a future opening I will email you. Thank you for understanding.

Attach a resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

We are uploading your application. It may take a few moments to read your resume. Please wait!

Submit Resume

Why work with me?

Experienced staffing professional, knows client corporate culture/hiring manager, resume and interview preparation, most ethical person in the business, but only works with like-minded people . . .

Full contact information on LI Profile http://www.linkedin.com/in/kathleengriffiths/ reach out anytime