IT Security & Risk Analyst (Review Access Rights)
A Global American Management Consulting Group is looking for a ITS Security & Risk Analyst that ensures that information security within the infrastructure, applications and business processes is continuously improved. This includes proactive review and remediation of the current state of ITS security issues, management processes, tools and activities, and providing recommendations for enhancement where appropriate. Candidates will have broad Information Security skills with a solid understanding of cross functional IT Security areas such as Identity & Access Management, Infrastructure Security, Application Security, Data Protection and experience working with a broader team on security products and services.
• Complete security and technology risk related RFP questionnaires from Clients
• Manage logical security processes, controls and lifecycles are followed efficiently and aligned to deliver compliance with security policies
• Manage Client Audit requests & work with responsible ITS teams to develop mitigation plans and ensure audit finding are addressed and remediated
• Act as the point of contact for internal ITS audits, coordinate audit activities, review evidence provided and manage responses for issues identified and published in audit reports
• Identify, document, and assess information security vulnerabilities and risks in the information technology environment
• Evaluate identified vulnerabilities and risks, working with business owners, risk management, and IT leaders
• Identify tasks and controls necessary to remediate identified risks and vulnerabilities; negotiate dates for remediation to be complete
• Provide security consulting and technical assistance with the evaluation, selection, initial set-up and secure deployment of new IT systems
• Follow up with compliance tasks related to policies, standards and procedures
• Coordinate communication with various stakeholders and provide general support on risk & security related issues
In return for this excellent career opportunity, we ask that you have the following:
• Tertiary Education in Computer Science
• Proven ability to examine, improve and execute the organization's existing security risk assessment processes and procedures
• Ability to explain information security concepts to audiences outside of the field
• Strong knowledge of current industry Security standards and best practices (NIST, HITRUST)
• Strong technical knowledge in application security, Directory Services (LDAP, AD), Internet/Intranet architecture and design, operating system hardening, vulnerability management and encryption
• Excellent planning & organizational skills
• Excellent customer\client service orientation
• Polished and professional demeanor
• Occasional travel to other offices and firm events
If this speaks to you and you are ready for a new challenge, please send your Resume in MS word format to firstname.lastname@example.org.
Even if you are not interested, you can still park your CV with us for other IT positions or forward this Advertisement to your counterparts with the relevant IT experiences I am looking for.
We Seek to:
• Understand your personal circumstances, needs and ideals
• Present your credentials to our clients only with your permission
• Strategize and consult with you
Your application will be kept with the strictest of confidence.