
| Job Title: | IT Risk Management Analyst |
| Company: | SRG America |
| Position Type: | Permanent |
| Pay Rate: | $90-100K per Year |
| Skills: | CISSP, CISA |
| Date Posted: | Jun-25-08 |
Job description:
Information Security Risk Analyst, with CISSP (Certified Information Systems Security Professional) preferred.
As part of the team, identify and manage information security risks in a large international financial services firm. Achieve business objectives and ensure compliance with the FFIEC, ISO 17799 risk management framework using the NIST 800-30 risk management methodology.
Tasks:
Using your technical background and CISSP skills:
Deliver information risk management services including risk assessments, audit planning, and service provider oversight.
- Perform risk assessments of policies, procedures, BCP, operational, physical, access control, asset classification, and compliance.
- Assist in the scoping of projects and developing proposals.
- Part of a team of information security risk professionals providing support to a real time 24x7 global financial services firm.
- Assist in FFIEC and ISO 17799 risk management activities.
- Apply NIST 800-30 risk management methodology.
- Perform vendor SAS 70 reviews from risk management standpoint.
Background should include most of the following:
4+ years of Information Security and Risk Analysis background.
Experience with technology issues, software and networks.
Experience and knowledge in a corporate environment with the following:
- information resource valuation methodologies, classification methods
- principles of development of baselines and their relationship to risk-based assessments of control requirements
- life-cycle-based risk management principles and practices
- threats, vulnerabilities and exposures associated with confidentiality, integrity and availability of information resources
- quantitative and qualitative methods used to determine sensitivity and criticality of information resources and the impact of adverse events
- gap analysis to assess generally accepted standards of good practice for information security management against current state
- risk mitigation strategies used in defining security requirements for information resources supporting business applications
- cost-benefit analysis techniques in assessing options for mitigating risks, threats and exposures to acceptable levels
- managing and reporting status of identified risks
Other Preferred Skills/Experience:
* CISSP, CISA
* Prior financial institution experience is a plus.
* Knowledge of RiskWatch for Financial Institutions.
* Some travel required between Boston and New Jersey, about 10%
* Project management experience
| Location: | US-NJ-Jersey City |
| Telecommute: | No (Onsite Position) |
| Contact Name: | Hemanth |
| Contact Phone: | 732-947-4251 |
| Contact Email: | hemanth.recruiter@gmail.com |
Principals only. Recruiters, please do not contact this job poster.