Senior Consultant at HeadPro Consulting LLP
Views:2402 Applications:19 Rec. Actions:Recruiter Actions:0
Analyst - Security Risk & Compliance - IT Service Firm (3-5 yrs)
Position Summary :
The primary responsibilities of the Information Security Risk and Compliance Analyst will be to work within the Global Information Security Team as an individual contributor to perform some or all of the following duties as appropriate :
- Review technologies and solutions based on a risk assessment methodology in order to identify threats, risks and vulnerabilities that may have an adverse impact to the Company information systems and confidential data.
- Document risks, determine if control objectives meet relevant success criteria and identify risk mitigation activities.
- Perform effective and efficient reviews of key security controls and communicate analysis of the effectiveness of these controls as required.
- Facilitate data and system inventories; review associated risks, and appropriately track these risks/issues in relevant platforms.
- Support efforts in our third party risk assessments of our critical vendors and partners globally.
- Coordinate with data protection teams to facilitate impact analyses or risk assessments and document appropriately
- Demonstrate knowledge of information security and provide guidance to other TSG members across the Company offices worldwide.
- Assist other team members in various projects as needed.
Candidates should have 1 or more of the following expertise :
- Strong knowledge in information security standards and principles,
- Basic knowledge in the overall field of IT system administration, infrastructure and networking technologies, and information security best practices.
- Ability to identify risks based on documented frameworks of technical and data security controls and communicate those risks appropriately.
The candidate should also possess excellent collaborative, communication and problem-solving skills and an ability to work with other individuals across various companies functions to communicate complex problems or deficiencies as needed.
This role will have an impact in providing greater security and risk awareness globally through interaction with other TSG teams, local help desks and with other departments in implementing high standards of security and functionality throughout the organization.
Personal Specification :
- Bachelor's degree or equivalent with demonstrated interest in technology, technology issues and analysis.
- 3-5 years- experience in a security risk or compliance role or relatable audit or technical function.
- Basic understanding of security or relevant technologies (Firewall, IPS, IDS, SIEM, and ACL).
- Proven project management skills.
- Ability to work in a fast paced, dynamic environment.
- Attention to detail and priority/time management.
- Strong customer service, analytic, communication (oral and written) and troubleshooting/problem solving skills.
- High performance and standards as demonstrated by academic or previous job experience.
Preferred, but not required :
- Industry accepted security certifications (CISSP, GIAC, CISA, etc.) are not required, but are a plus.
- Knowledge of security policies, regulations, compliance issues, processes and standards (e.g. ISO, ITIL, GDPR, COBIT, PCI, NIST, SSAE-16/18 standards).
This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.