What are the responsibilities and job description for the Information Risk Analyst - Information Security position at Software Guidance & Assistance?
Job Details
Software Guidance & Assistance, Inc., (SGA), is searching for a Risk Analyst - Information Security for a right to hire assignment with one of our premier financial services clients in Dallas, TX or Tampa, FL.
Responsibilities :
Responsible for performing risk assessments of applications, infrastructure, business and technology vendors against a defined risk framework, when needed as part of Risk Treatment. These assessments will be conducted either through a formalized risk assessment program or through other risk reporting activities (e.g., policy exceptions, risk acceptance). Will have the ability to identify risks in the way that a business and technology utilize information and the supporting technological systems.
SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.
Responsibilities :
Responsible for performing risk assessments of applications, infrastructure, business and technology vendors against a defined risk framework, when needed as part of Risk Treatment. These assessments will be conducted either through a formalized risk assessment program or through other risk reporting activities (e.g., policy exceptions, risk acceptance). Will have the ability to identify risks in the way that a business and technology utilize information and the supporting technological systems.
- Participate in and influence information risk assessment process improvement
- Schedule and perform information risk assessments using firm methodology; identify, document and communicate control deficiencies in business processes and technology systems
- Partner with the business and technology to agree cybersecurity risk findings identified through the risk assessment (e.g., vendor, application, infrastructure), new initiatives, and ad-hoc processes
- Provide risk remediation recommendations that the business and technology may implement to mitigate identified control gaps
- Partner with business and IT to ensure that risks are clearly articulated in a manner that is understood by business and technology audiences
- Evaluate management responses to ensure that remediation plans and tasks adequately address identified control gaps
- Document risk issues in the firm designated risk register
- Assist the business and technology groups through the firm process for policy exceptions and risk acceptance, and work internally with the Risk Treatment team to address risks and issues efficiently.
- 5 - 7 years of risk assessment experience in one or more areas: application, infrastructure, vendor risk management
- Proficiency with Information Risk Management best practices, standards, and frameworks
- Proven knowledge of technical infrastructure, networks, databases and systems and how they affect an organization's cybersecurity risk
- Proven knowledge of security methodologies, policies, standards and best practices
- Proven knowledge of information technology systems, infrastructure and operations
- Ability to explain and articulate technical concepts using both technical and non-technical language
- Critical thinking and analytical skills
- Excellent presentation skills (MS PowerPoint / PowerBI)
- Ability to manipulate data in a spreadsheet (MS Excel / PowerBI)
- Ability to work collaboratively by building consensus and influencing decision making to foster forward progress with projects and initiatives
- Strong oral and written communication skills
- Excellent organizational skills, coupled with ability to be versatile and flexible
- Sound business judgment and the ability to work successfully with all levels of management
- Detail oriented; Excellent grammar and style skills; ability to adapt writing style for different audiences and media
- Bachelor's degree preferred
- CISSP/CISM/CRISC certification preferred
- Financial Services Industry experience a plus but not required
SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.