Sr. IT Risk Analyst (Apps/ Infra/ Vendor Risk Assessment), Jersey City, Dallas or Tampa, Contract to Hire, USC/GCH/EAD only, Information security risk, Applications, Infrastructure, Third Party/ Vendor Risk Management, Assessment & Reporting, Certifications/ CISSP/CISM+
Location:Jersey City, New Jersey
Type:Contract To Hire
Sr. IT Risk Analyst (Applications/ Infra/ Vendor Risk Assessment), Jersey City, Contract to Hire, USC/GCH/EAD only, Information security risk, Applications, Infrastructure, Third Party/ Vendor Risk Management, Assessment & Reporting, Certifications/ CISSP/CISM+ =======================
This is a pipeline role*. Please read below for full description.
Position Title: Information Risk Analyst – Information Security
Position Summary: The Information Risk Analyst is responsible for performing risk assessments of applications, infrastructure, business and technology vendors against a defined risk framework. These assessments will be conducted either through a formalized risk assessment program or through other risk reporting activities (e.g., policy exceptions, risk acceptance). The Information Risk Analyst will have the ability to identify risks in the way that a business and technology utilize information and the supporting technological systems.
Principal Responsibilities: • Participate in and influence information risk assessment process improvement • Schedule and perform information risk assessments using client's methodology; identify, document and communicate control deficiencies in business processes and technology systems • Partner with the business and technology to agree cybersecurity risk findings identified through the risk assessment (e.g., vendor, application, infrastructure), new initiatives, and ad hoc processes • Provide risk remediation recommendations that the business and technology may implement to mitigate identified control gaps • Partner with business and IT to ensure that risks are clearly articulated in a manner that is understood by business and technology audiences • Evaluate management responses to ensure that remediation plans and tasks adequately address identified control gaps • Document risk issues in the client's designated risk register • Assist the business and technology groups through the client's process for policy exceptions and risk acceptance
Experience: • 5 – 7 years of risk assessment experience in one or more areas: application, infrastructure, vendor risk management • Financial Services Industry experience a plus but not required • Proficiency with Information Risk Management best practices
Knowledge and Skills Required: • Proven knowledge of technical infrastructure, networks, databases and systems and how they affect an organization’s cybersecurity risk • Proven knowledge of security methodologies, policies, standards and best practices • Proven knowledge of information technology systems, infrastructure and operations • Ability to explain and articulate technical concepts using both technical and non-technical language • Critical thinking and analytical skills • Excellent presentation skills (MS PowerPoint) • Ability to manipulate data in a spreadsheet (MS Excel) • Ability to work collaboratively by building consensus and influencing decision making to foster forward progress with projects and initiatives • Strong oral and written communication skills • Excellent organizational skills, coupled with ability to be versatile and flexible • Sound business judgment and the ability to work successfully with all levels of management • Excellent grammar and style skills; ability to adapt writing style for different audiences and media
Education, Training and Certification: Bachelor’s degree preferred CISSP/CISM/CRISC certification preferred
Why work with me when you see the same position advertised with others?
I am a senior staffing professional not a junior recruiter who doesn't know what they are doing yet. I can answer your questions immediately. I know your skill set.
Resume won't get lost in the "black hole"
Feedback and follow through
Resume review, create relevancy
Better information on the company culture
Inside information on the hiring manager, team, the ideal profile, etc.
The best Interview preparation you will ever experience
Email me if you have any questions: firstname.lastname@example.org or InMail me on LI or message me http://www.linkedin.com/in/kathleengriffiths/
*Sixty percent of all job openings for large corporations are really “pipeline roles” – they are not really meant to be filled in the next month which is frustrating for job seekers. They either have a large group of people in this role that are term limited or converted to full-time or they are very specific about the skill set. If you send your resume then we have it on file and if I feel you are a fit for a future opening I will email you. Thank you for understanding.