Posted

30+ days ago

Location

Columbia, SC

Description

Job Description:

Our client is seeking a Senior Information Security Risk Analyst to identify, investigate, analyze, and recommend information security guidance to ensure bank assets and processes maintain confidentiality, integrity and availability, while assessing against all applicable regulations, industry standards, and bank policies, directives, and standards.

The Senior Information Security Risk Analyst will perform comprehensive information security risk assessments that evaluate inherent risk, plan controls and safeguards, and ensure alignment of residual risk and risk appetite. This individual will evaluate technology and business projects, business requirements, and recommend security controls to ensure effective information security and compliance with enterprise standards. Also, communicates information security risk issues and control gaps through security governance processes.

Responsibilities:
  • Foster a culture of collaboration and responsible risk management through the definition and adherence to appropriate risk appetites, control frameworks, policies and directives
  • Serve as Information Security subject matter expert for business line projects and participate in the development, implementation, and maintenance of information security for the bank
  • Assist with enterprise information security risk deliverables and collaborate with risk partners on information security priorities
  • Perform Information Security Risk Assessments; decompose complex risk issues and gain business line consensus on risk level and risk response to include acceptance and mitigation of risks, and establish and communicate residual levels
  • Identify and evaluate complex technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
  • Perform pre and post-contract risk assessments, as well as ongoing service and compliance monitoring to ensure the continued adherence to applicable industry regulations and standards, and our client's Policies and Directives
  • Maintain information security by monitoring and ensuring compliance to policies, directives, and standards; contribute to developing and conducting training
  • Risk Metrics: (Understanding the difference between KPIs and KRIs) Analyze data to produce specific, measurable, actionable, relevant, time-bound metrics for Senior and Executive Management
  • Monitor information security trends internal and external to the bank and keep business lines informed about information security related issues

Requirements:
  • The Senior Information Security Risk Analyst will possess a degree in Information Assurance, Information Systems, Risk Management, Auditing, Computer Science or related field of the equivalent in education and work experience
  • Minimum of 8 years of experience in the Information Security field, with at least 3 years of information security risk management and/or operational risk, developing and executing information security risk assessments using industry standard approaches, methodologies, and frameworks (e.g. NIST, Financial Services Regulations)
  • CISSP, CISM, CISA, CRISC, or equivalent industry recognized certification HIGHLY preferred
  • Possess experienced application development and/or application security background; with solid knowledge of SDLC from design, testing, deployment to post production and the different risk elements associated with each step
  • Good knowledge of, and demonstrable experience in, application security, vulnerability testing, and development of risk appetite, as well as significant experience evaluating; cyber security controls
  • Strong awareness and experience with industry risk analysis approaches (ISO, COBIT, COSO) as well as all industry regulations and standards (SOX, GLBA, FFIEC, OCC, HIPAA, PCI DSS, NIST, OWASP)
  • Have the ability to interact with business stakeholders and technical personnel at all levels; experience organizing, participating and executing critical time sensitive projects; experience interacting with project managers, vendors, architects, technical experts and management
  • Ability work effectively with limited supervision with business and technical personnel at all levels of the organization
  • Effective at managing personal time and effort across multiple concurrent project assignments
  • Contribute knowledge and recommendations for risk based assessments on emerging technologies, vulnerabilities, threats, and associated risks
  • Obtain experience knowledge related to the various aspects of the company's lines of business to enhance impact understanding of potential technology risks

About the Company

Atlantic Partners

Atlantic Partners was formed with the clear objective of providing the very best professional recruiting services. We have built our reputation on honesty, integrity, hard work and commitment to partnering with and providing solutions to our clients.  Atlantic Partners offers a full range of staffing options. With over 100 years of experience, our tenured Account Executives and seasoned Recruiters source, identify, and connect the best talent with the right opportunity within the following Industries:

  • Technology
  • Financial Services
  • Healthcare
  • Finance & Accounting
  • Creative/Marketing
  • Legal
  • Construction

It is our consultative approach coupled with our quality control process that has contributed to Atlantic Partners Corporation being recognized as one of the fastest growing staffing firms and best places to work in 2013. Our clients include an array of Fortune 500 companies, as well as smaller mid-size firms, that stem back over 35 years.

Company Size

100 to 499 employees

Industry

Staffing/Employment Agencies

Website

http://atlanticpartnerscorp.com/