Communication Skills, Computer Security, Corrective Action, Documentation, HIPAA (Health Insurance Portability and Accountability Act), ISO (International Organization for Standardization), Information Technology & Information Systems, International Electro-Technical Commission (IEC), PCI, Policy Development, Presentation/Verbal Skills, Regulations, Reporting Skills, Risk, Risk Analysis, Risk Management, Security Attacks, Standards Development, U.S. National Institute of Standards and Technology (NIST), Writing Skills
Risk Management Analyst
Location: Sacramento, CA
Duration: 12 Months
Minimum Skills:
- Must understand the current security threats model and demonstrate a strong willingness to stay at the forefront of security developments
- Knowledge of risk assessment methodologies, IT policies and standards development
- Working knowledge of common IT security impacted regulations and/or standards such as ISO/IEC 27001/2, NIST, PCI, and HIPAA.
- Experience with audit processes and disciplines including third party risk management.
- Working knowledge of industry leading GRC practices
- 5+ years of experience in an IT Security/IT Risk environment with a large regulated organization
- Experience with development and administration of risk assessments, reviews, corrective action planning
- Must possess strong oral and written communication skills to assist in maintaining documentation, updating manuals, and producing reports
- Have the ability to multi-task and adjust to shifting priorities, have keen analytical skills and be a critical thinker, as well as exhibit a high-level of attention
- Must be highly motivated, dependable, and punctual
Certification Required: One or more industry certifications such as CISSP, CISM, CRISC, GSEC and CISA required