Applications Security, Banking Services, Best Practices, Committee of Sponsoring Organizations of the Treadway Commission (COSO), Control Objectives for Information and related Technology (COBIT), Customer Support/Service, Data Management, External Audit, Financial Services, ISO (International Organization for Standardization), ITIL (IT Infrastructure Library), Industry/Trade Analysis, Information/Data Security (InfoSec), Internal Audit, Leadership, Multitasking, PCI-DSS, Performance Metrics, Regulations, Regulatory Requirements, Risk, Risk Analysis, Risk Management, Security Analysis, Security Auditing, Time Management, U.S. National Institute of Standards and Technology (NIST)
Sr. Information Security Risk Analyst
Summary
We are seeking a Sr. Information Security Risk Analyst to support our client's Information Security Program and ensure they can address rapidly changing threats, technologies, and business conditions.
Responsibilities
- Collaborate and drive security initiatives, working with people across multiple teams and diverse functions.
- Enable the business and other stakeholders to make risk-aware decisions by advising business units and technology leaders of the information security risks and proposing acceptable risk treatment options and alternatives.
- Support the Information Security Program by collecting performance indicators, metrics, and other evidence, and by communicating relevant, succinct, and actionable recommendations to Leadership.
- Support the company's PCI-DSS compliance and assessment activities while supporting our internal technology and business teams across the organization.
- Proactively maintain a current and working understanding of Information Security Best Practices, the practical application of security concepts, and all relevant information security and technology regulations, threats, and industry trends, as well as the company's information security policies and their practical application.
- Assist in responding to internal/external audits, including third-party security assessments, if applicable.
- Manage multiple, simultaneous workstreams supporting disparate stakeholders; provide appropriate and timely communication of issues, concerns, risks, and status.
Requirements
- 5+ years of experience in Information Security, Security Audit, or Information Security Risk Management/Compliance.
- Working knowledge and practical application of the PCI-DSS Compliance Framework and how organizations meet those requirements.
- In-depth knowledge of risk and controls including working knowledge of standards and frameworks (COSO, COBIT, ISO, NIST, ITIL).
- Ability to thrive in an environment of change while managing multiple tasks and simultaneous responsibilities.
- Solid understanding of and practical experience with information security risk assessments and information security audits.
Preferred
- CISSP, CRISC, SEC+, PCI-DSS, ISA/PCIP, or applicable certifications/accreditation.
- Solid understanding of information security regulatory requirements and best practices.
- General understanding of banking and financial services processes, and the related risks to securing and managing data.
This is a Direct Hire opportunity with our Kansas City, MO client. Excellent Medical/Dental benefits and annual bonus opportunity. H1-B Visa sponsorship is not available for this position. No third-parties, please.
TriCom Technical Services LLC