ASGN - Palm Beach, FL
posted 2 months ago
The IT Security Risk Analyst will play a crucial role in conducting cybersecurity risk assessments for third-party service providers. This position is primarily focused on evaluating and reporting on the security posture of vendors, ensuring that they meet the organization's risk management standards. The analyst will be responsible for performing thorough assessments that identify and validate potential threats, as well as recommending remediation strategies to mitigate risks. The role requires strong written and verbal communication skills, as the analyst will need to articulate findings and recommendations to high-level executives and collaborate with third-party vendors. In this position, the analyst will conduct interviews with vendors and business units, walk through vendor controls, and document the results of assessments. They will measure these assessments against key controls and industry security standards such as PCI-DSS, HIPAA, and ISO27001:13. The ability to create professionally written assessments that include findings, requirements, and actionable recommendations is essential. The analyst will also be expected to submit these findings to business partners and develop trusted relationships with various stakeholders, including Supply Chain Sourcing and other team members, to gain consensus on strategies and project plans. The role is designed for individuals with a solid background in IT security and risk assessments, and while many responsibilities can be taught, the hiring manager emphasizes the need for candidates to have prior experience in these areas. The position is remote with one onsite requirement per quarter, making it essential for the analyst to be adaptable and capable of working in a fast-paced environment.