Description
Information Security Risk Analyst
Skills: CISSP and/or CISA, Information Security, IT risk Analysis, & IT security experience, Information Security risk assessments, secure design analysis, architecture assessment and development, and security testing of applications and systems
Summary
As the Information Security Risk Analyst you will analyze and evaluate information security systems and architectures, and develop security measures to protect information against unauthorized modification or loss. You will also lead the Information Security aspects of business initiatives and IT projects to assist in mitigating security risks for information, business and operational applications and systems across the company. In this role you will a ssist in research and evaluation of new security products and services, and be responsible for system security planning, developing and implementing security policies across multiple platforms. This is a 6-12 month contract opportunity.
Repsonsibilities:
- Provides support in the areas of security management and security architecture standards and documentation. Works with the AVP, Information Security in defining security frameworks for existing and new systems and review and refine the information security policy, standards and procedures annually.
- Develop, deploy and maintain an objective risk assessment methodology for threat, compliance, risk identification, prioritization and relative comparison of security and compliance risks.
- Operate a formalized risk management program including of threats, analysis, reporting and remediation planning. Assesses and ensure that all company technology solutions and services are properly secured against unauthorized access and exposures, including outsourced and hosted solutions.
- Evaluates and ensures compliance of company's hardware and software with IT Security Policies and industry security standards such as NIST, SANS and CIS.
- Maintain documentation for all technology security assets, reports and policies.
- Develops cutting-edge, innovative solutions for IT network security.
Qualifications:
- Bachelor's degree in Information Security, Computer Information Technology, Management Information Systems or related discipline.
- Formal certification in Information Security or other equivalent security certifications preferred - CISSP and/or CISA.
- Three to five years of Information Security, IT risk analysis and IT security experience required.
- Extensive experience on performing Information Security risk assessments, secure design analysis, architecture assessment and development, and security testing of applications and systems.
- Experience writing technical documentation, procedures, and policies are a must.
- Knowledge of financial federal regulations such as GLBA, FFIEC, PCI, and Sarbanes Oxley Act is preferred.
- Knowledge of ISO 27002 Information Security framework.
Benefits:
As an Agile consultant, you'll gain many of the advantages and benefits of being a direct hire, while experiencing the flexibility of consulting. It's the best of both worlds! Our IT consultants enjoy a wide array of benefits including: medical, dental, 401K, life insurance, Employee Assistance Program and more.