IT Risk Services Analyst

Responsibilities:

· Work with project teams to provide Privacy Impact Assessments

· Conduct IT Risk Assessments on External Vendor’s system architecture and design to ensure the security requirements meets maturity levels

· Review third party RFP responses with security architects, and evaluate SSAE16 SOC Type 2 reports and similar reports to identify key areas concerning security, risk and compliance

· Conduct training to project services resources on risk, security assessment process, and data privacy assessment process

· Assist with internal and external audits and assessments

· Assist with the development of programs to ensure compliance to regulatory requirements

· Perform other IT related assessments as assigned

Maintenance of Standards & Policies

· Contribute to the maintenance of IT Policies – Clean Desk Policy, AD Password Policy

· Create work instructions for evaluating requests against Standards & Policies

· Evaluate requests and applies the IT exception processes to these requests

· Clearly document and define risks and potential impacts and identify systems affected by the defined risk

Communication of IT Risk Services policies and standards

· Maintain and contribute to SharePoint sites regarding IT Risk content

· Create and/or coordinate training sessions as required

· Monitoring IT Risk Services mailbox and respond to requests and customer inquiries

· Answer and respond to ServiceNow help-line tickets – Administrative Rights, Removal and System identification, Ensure Software Compliance, Wireless Access Control, Email and Distribution list request, Vendor Network Access, Browser Exceptions

· Log and follow up on customer issues

· Interact with other teams: Global Information Security, Global Security, Cyber Security, and IT Teams as required

Disaster Recovery

· Track and assist with the completion and updating of Component Recovery Plans

· Communicate recommended business continuity preparations and controls, including deficiencies, to business units

· Approve restoration of Backup Data to DR sites

· Participate with internal audits and testing of Component and Disaster Recovery Plans

Monitoring & Reporting

· Provide summary and status reports regarding assessments and project status

· Summary reports exception requests and status

· Awareness of all risk-centric tools within the environment

CONDITIONS OF WORK: (Note any travel requirements or physical demands required. Also note if employee will be exposed to any hazardous conditions.)

· On call rotation may be required

· Occasional after hours and weekend work required

· Occasional travel between the business sites may be required

Qualifications:

· Bachelor’s degree preferred, with 3-5 years’ information risk management experience preferred and/or advanced degree in related field

· Educational, Licenses and Certificates.

· CISSP certification or SANS certificates or certification preferred

· 3 + years’ experience working with project teams

· Understands risk and security processes and uses the knowledge to respond to customer inquiries

· Strong technical writing and oral communication skills

· Customer Focus

· Experience interacting with internal customers and vendors

· Organizational sensitivity with the ability to deliver a tough message to associates at all levels

· Possess a professional attitude and work ethic in addition to being well organized and efficient

· Strong computer skills, including operating systems and software with SharePoint experience a plus

· Ability to instill trust; high standards of integrity

· Flexibility and adaptability – adapts to changing priorities

· Self-starter – demonstrates personal initiative; high personal work standards

· Decisive evaluation of risk for applications and infrastructure required

· Requires reading of white papers, briefs, and attending seminars and training to maintain current in technology and IT risk issues and concerns

Qualifications:

· Bachelor’s degree preferred, with 3-5 years’ information risk management experience preferred and/or advanced degree in related field

· Educational, Licenses and Certificates.

· CISSP certification or SANS certificates or certification preferred

· 3 + years’ experience working with project teams

· Understands risk and security processes and uses the knowledge to respond to customer inquiries

· Interact with other teams: Global Information Security, Global Security, Cyber Security, and IT Teams as required

Kind Regards,

Pramod Kumar

Technical Recruiter

Integrated Resources, Inc.

DIRECT # - 732-844-8730