IT Security Risk Management Analyst

About The Position

Requirements

• Experience in creating and maintaining cybersecurity policies tailored to organizational needs.
• Experience in identifying and assessing potential risks, developing risk mitigation strategies, and analyzing risk trends.
• Experience conducting IT Risk Security Assessments.
• Familiarity with industry regulations and standards: NIST, HIPAA, PCI.
• Understanding of cybersecurity laws, regulations, and the implementation of security controls.
• Experience managing risks associated with third-part vendors.
• Bachelor's degree or equivalent experience.

Responsibilities

• Coordinate and facilitate the risk management program within specified policy, standard and procedures.
• Communicate with auditors and regulators during compliance and regulatory reviews
• Participate in information security audits ensuring technical compliance with security related regulatory requirements (HIPAA, PCI, etc.)
• Collaboratively work with peers to ensure operational excellence
• Contribute to risk assessments
• Identify and prioritize risk based on impact and likelihood
• Work directly with key business leaders to facilitate information risk analysis and risk management processes, identify acceptable levels of risk, and establish roles and responsibilities with regards to information risk management
• Execute the organization’s risk procedures
• Evaluate the results of the vendor assessment
• Maintain risk registries
• Maintain and monitor Information Security Risk Exception process to ensure identification of areas of non-compliance

Benefits

• An assortment of insurance products and discount programs through Voluntary Benefits.