Website REQUEST TECHNOLOGY - CRAIG JOHNSON
*Position is bonus eligible*
Prestigious Financial Company is currently seeking a Cyber Risk Analyst with SORT experience. Candidate will be working closely with other members of the Security Services, IT, and Corporate risk, support the development, maintenance, and operations of the Cyber Risk program. Candidate will be responsible for the automation of Security process, with a focus on baselines, SORT, and change management processes. Secondary responsibilities include scoping, planning, conducting, and reporting Security assessments of third parties and technologies. Additional responsibilities include supporting the management of Security risk observations.
- Lead the processing of Security observations by reviewing security testing reports and generating SORT tickets.
- Support requirements gathering, submission, testing, and deployment of process automation efforts.
- Scoping, planning, conducting, and reporting Security assessments of third parties and technologies Research and recommend new or updated risk assessment methodologies, frameworks, and standards.
- Act as supporting point of contact from Security Services to Compliance, Internal Audit, Enterprise Risk Management (ERM) and Project Management Office (PMO).
- Assist with other Cyber Risk Program efforts including but not limited to tracking of remediation and validation of audit, compliance, and regulatory findings as needed.
- Assists Security Analysts, transferring technical and risk management knowledge
- Assist in project planning
- Analytical skills to successfully analyze, model, and present complex risk assessments
- Strong understanding of information technology, risk management concepts, and analytics
- Possesses critical values (ie, fact based, collaborative, credibility/trust and judgment
- Advanced understanding of information related frameworks and standards such as COBIT, NIST 800-53, NIST CSF, ISO etc.
- Experience in security risk management principles and practices.
- Experience in working with regulatory frameworks and requirements relevant to such as, Reg SCI, CFTC, etc.
- Bachelor degree in Computer Science, Management Information Systems, Statistics & Quantitative Modeling, Mathematics or the equivalent combination of education and/or relevant experience.
- Previous work in Compliance, Audit, Risk Management, or Security.
- Professional security certifications is a plus (ie, GIAC, CISSP, CISA, CISM, CRISC)
To apply for this job please visit www.jobvertise.com.