Security Risk Analyst
United States
Full Time
2 weeks ago
$73,700 - $104,633 USD
H1B Sponsor
Key skills
Risk ManagementCommunication
About this role
Role Overview
- Executes critical aspects of the Enterprise Security Risk Management function.
- Partners with the business to document and measure risk inherent to systems, assets, and information.
- Works with the security teams and collaborates with the business to assess IT risks.
- Tracks risk remediation items.
- Oversees the risk review process and reporting across the enterprise.
- Oversees the risk acceptance process across the enterprise to ensure risks are documented and accepted at the correct levels of the organization.
- Validates remediation plans are in place to reduce risk where possible.
- Manages cycle to reassess accepted risks, obtain sign-off, and provide reporting.
- Assists business partners with completing risk assessments and ensuring the correct documentation is captured to support the risk assessment process.
- Translates technical language into business terms to facilitate understanding of risk to the business.
- Maintains documentation and templates in the GRC toolset and makes recommendations for and implements tool and process improvements.
- Collaborates with senior and lead risk analysts on activities related to risk modeling, comprehensive periodic risk assessments, and regulatory reporting standards and expectations, and the development of communication and presentations for internal and external audiences.
- Supports on the development of communications and presentations appropriate for senior level audiences and external regulators.
Requirements
- Minimum of 3 years of experience working in a security function.
- 2 years of experience with risk assessments, audit or control testing.
- Knowledge of security and lifecycle management, including auditing methodology or technology risk assessments.
- Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives.
- Ability to develop strong working relationships with peers and stakeholders across business units.
- Experience working with information security policies, standards, industry best practices and/or frameworks (e.g., ISO 27K, NIST 800-53, FISMA, BITS, etc.).
- Knowledge of IT Security tools and technologies used in an enterprise environment.
Benefits
- Annual Incentive Program
- Medical/Pharmacy Plan
- Dental
- Vision
- Life Insurance
- Dependent Care Reimbursement Account
- Health Care Reimbursement Account
- Health Savings Account (HSA) (if enrolled in eligible health plan)
- Limited-Purpose FSA (if enrolled in eligible health plan and HSA)
- Transportation Reimbursement Account
- Short-term disability (STD)
- Long-term disability (LTD)
- Employee Assistance Program (EAP)
- Fitness Center Reimbursement (if enrolled in eligible health plan)
- Tuition reimbursement
- Transit programs
- Employee recognition program
- Pension
- 401(k) plan
- Paid time off (PTO)
- Holidays
- Volunteer Paid Time Off (VPTO)
- Parental Leave