Job Description :
Risk Analyst.
Tampa, FL
6+ months
Required Skills : Security Background, technical background, good communication, exp in enterprise environments
Job Description:
The Information Risk Analyst is responsible for performing risk assessments of applications, infrastructure, business and technology vendors against a defined risk framework. These assessments will be conducted either through a formalized risk assessment program or through other risk reporting activities (e.g., policy exceptions, risk acceptance The Information Risk Analyst will have the ability to identify risks in the way that a business and technology utilize information and the supporting technological systems.
Principal Responsibilities:
Participate in and influence information risk assessment process improvement
Schedule and perform information risk assessments using internal methodology; identify, document and communicate control deficiencies in business processes and technology systems
Work with the business and technology to agree cybersecurity risk findings identified through the risk assessment process
Provide risk remediation recommendations that the business and technology may implement to mitigate identified control gaps
Partner with business and IT to ensure that risks are clearly articulated in a manner that is understood by business and technology audiences
Evaluate management responses to ensure that remediation plans and tasks adequately address identified control gaps
Document risk issues in the internal designated risk register
Assist the business and technology groups through the internal process for policy exceptions and risk acceptance
Experience:
5+ years of risk assessment experience in one or more areas: application, infrastructure, vendor risk management
Financial Services Industry experience a plus but not required
Proficiency with Information Risk Management best practices
Knowledge and Skills Required:
Proven knowledge of technical infrastructure, networks, databases and systems as they relate to cybersecurity risk
Proven knowledge of security methodologies, policies, standards and best practices
Proven knowledge of information technology systems, infrastructure and operations
Ability to explain and articulate technical concepts using both technical and non-technical language
Critical thinking and analytical skills
Excellent presentation skills (MS PowerPoint)
Ability to manipulate data in a spreadsheet (MS Excel)
Ability to work collaboratively by building consensus and influencing decision making to foster forward progress with projects and initiatives
Strong oral and written communication skills
Excellent organizational skills, coupled with ability to be versatile and flexible
Sound business judgment and the ability to work successfully with all levels of management
Excellent grammar and style skills; ability to adapt writing style for different audiences and media