Information Security Risk Analyst II - IT Risk

Other Jobs To Apply

About the position

Responsibilities

  • Monitor and assess IT & security risks across information systems throughout their lifecycle.
  • Perform ongoing assessment of IT controls to ensure they are operating effectively and efficiently.
  • Identify and document sensitive data stored, transmitted, or processed within systems.
  • Enforce security principles such as least privilege and least functionality.
  • Provide actionable insights to senior leadership to support risk-informed decision-making.
  • Develop and maintain risk management procedures, including evaluating the significance of identified risks, defining acceptable mitigation strategies and risk tolerance, establishing ongoing risk monitoring practices, and ensuring effective oversight of the risk management strategy.

Requirements

  • 4 Year / Bachelor's Degree, required.
  • Minimum three years Information Security Risk Analysis, Information Security, required.
  • (CRISC) and (CompTIA Security+ or CompTIA Healthcare IT Tech) or equivalent. (Two cert req), required.
  • Intermediate knowledge of risk management processes.
  • Intermediate knowledge of national laws, regulations, policies, and ethics as they relate to cybersecurity.
  • Intermediate knowledge of cybersecurity principles.
  • Intermediate knowledge of cyber threats and vulnerabilities.
  • Basic knowledge of cyber defense mitigation techniques and vulnerability assessment tools.
  • Intermediate knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins.
  • Intermediate knowledge of information assurance (IA) principles.
  • Intermediate knowledge of current industry methods for evaluating, implementing, and disseminating IT security assessment tools.
  • Intermediate knowledge of new and emerging IT and cybersecurity technologies.
  • Intermediate knowledge of the organization's enterprise IT goals and objectives.
  • Intermediate knowledge of the organization's core business/mission processes.
  • Intermediate knowledge of Personally Identifiable Information (PII) and Payment Card Industry (PCI) data security standards.
  • Intermediate knowledge of applicable laws relevant to work performed.
  • Basic knowledge of IT supply chain security and risk management policies.
  • Intermediate skill in evaluating the trustworthiness of the supplier and/or product.
  • Intermediate knowledge of relevant laws, policies, procedures, or governance related to work impacting critical infrastructure.
  • Intermediate knowledge of information classification programs and procedures for information loss.
  • Interpersonal communication skill, both written and oral.
  • Attention to detail and organization skills.
  • Analysis and critical thinking skills.
  • Ability to develop productive working relationships with business and technical groups.
  • Ability to effectively prioritize multiple responsibilities.
  • Ability to take direction as well as work with a moderate degree of independence.
  • Ability to work as a member of a team.
  • Ability to eagerly seize responsibility and ownership for assigned tasks.
  • Ability to drive/travel to multiple locations/facilities as needed.

Nice-to-haves

  • Basic knowledge of information security architecture principles.
  • Basic knowledge of incident response methodologies.
  • Basic knowledge of security tools (IDS, FIM, Vulnerability Scanner, SIEM, Forensics, Network Mapping, Penetration Testing, Encryption, etc.).
  • Basic knowledge of penetration testing methods.
  • Basic knowledge of systems testing and evaluation methods.
Back to blog

Data Entry Question and Answer

$150 $49

Remote Question and Answer

$150 $49

Virtual Assistant Question and Answer

$150 $49

Content Moderator Question and Answer

$150 $49

Customer Service Question and Answer

$150 $49

Video Game Tester Question and Answer

$150 $49

Related Posts