

Columbia, SC


Our large Financial Industry client is in search of two Senior Information Security Risk Analysts to add to their team. One will be a long-term contract and the other will be a Direct Hire.

In this role, you will identify, investigate, analyze, and recommend information security guidance to ensure bank assets and processes maintain confidentiality, integrity and availability, while assessing against all applicable regulations, industry standards, and bank policies, directives, and standards. The Senior Information Security Risk Analyst will perform comprehensive information security risk assessments that evaluate inherent risk, plan controls and safeguards, and ensure alignment of residual risk and risk appetite. The Analyst will evaluate technology and business projects, business requirements, and recommend security controls to ensure effective information security and compliance with enterprise standards. The Analyst communicates information security risk issues and control gaps through security governance processes.

If you are looking to fuel your professional development and gain exposure in the field of Information Security, apply today!

What you bring to the table:
  • 8+ years of experience in the Information Security field
  • 3+ years of information security risk management and/or operational risk, developing and executing information security risk assessments using industry standard approaches, methodologies, and frameworks (e.g. NIST, Financial Services Regulations)
  • Strong application development and/or application security background, with solid knowledge of the SDLC from design, testing, and deployment to post-production, and of the different risk elements associated with each step
  • Expert knowledge of, and demonstrable experience in, application security, vulnerability testing, and development of risk appetite, as well as significant experience evaluating cyber security controls
  • Strong awareness of and experience with industry risk analysis approaches (ISO, COBIT, COSO) as well as all industry regulations and standards (SOX, GLBA, FFIEC, OCC, HIPAA, PCI DSS, NIST, OWASP)
  • Ability to interact with business stakeholders and technical personnel at all levels; experience organizing, participating in, and executing critical, time-sensitive projects; experience interacting with project managers, vendors, architects, technical experts and management
  • Contribute knowledge and recommendations for risk-based assessments on emerging technologies, vulnerabilities, threats, and associated risks
  • CISSP, CISM, CISA, CRISC, or equivalent industry-recognized certification preferred

What they have to offer:

  • Competitive insurance and retirement offerings
  • Excellent PTO & Holiday time
  • Exceptional growth opportunities
  • Supportive team environment