8 days old
2018-08-10 - 2018-09-07

Senior Security Risk Analyst

Durham, NC 27709
  • Job Code
    638205
  • Payrate
    $48 To $60
job summary:

Randstad is hiring!

We have a one-year, renewable contract for a Senior Security Risk Analyst with a client of ours in RTP, NC. If you are looking for an Information Security Risk Analyst role, have 5+ years' related experience, and are looking to gain experience with one of the largest, most reputable biotech companies in the RDU area, we invite you to apply!

This position reports to the Associate Director & Team Lead of Information Security Governance. In this role, you will conduct information security risk assessments to ensure the proper implementation of security controls across identified environments. This includes identifying gaps and compensating controls, developing remediation plans, and publishing reports of results.

For more information or if you wish to apply directly, please reach out to [email protected].

 
location: Durham, North Carolina
job type: Contract
salary: $48.22 - 60.00 per hour
work hours: 9 to 6
education: Bachelors
 
responsibilities:

Principal Duties and Responsibilities:

- Implement Security & Awareness Messaging to align with a monthly pre-defined awareness theme, and quarterly phishing campaigns/reports

- Perform IS Vendor Risk Assessments

- Write Policies and related supporting documentation, such as standards and procedures

- Assign Data Risk Classifications for assets defined in EOS, our system of record, and build and train end users on the self-service model

- Assist with the development and implementation of controls in alignment with NIST standards

- Develop the exception handling process

- Perform information security risk and control assessments and report on information security risks and recommend mitigation strategies; document and monitor information security remediation and control improvements

- Provide administrative support and development for the SharePoint Online site migration for the CISO organization

Overall:

- Serve as an information security liaison to our business units and third parties to create and/or provide feedback on items assigned or influenced by the team (e.g., information security best practices, policy and procedure development, employee education and awareness, security exceptions)

 
qualifications:

Qualifications

Education/Training:

- A Bachelor's degree in Computer Security / Science or Information Security; or equivalent experience required

- Certification credentials in fields associated with Information Technology, Information Technology Auditing, Information Security, or other related studies preferred

Experience:

- A minimum of 5 years' experience in information security and/or risk management, especially in an information risk analysis, Enterprise Risk Management (ERM), and/or IT Audit role.

- Experience with development and implementation of information security awareness and education programs.

- Knowledge of quantitative and qualitative risk evaluation methods, including information security control frameworks such as NIST, ISO, and COBIT.

- Proven experience with control monitoring principles and practices.

- Ability to understand and engage applicable industry-related regulatory requirements (e.g., FDA, FIPS, EU Annex 11, GDPR)

- Ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside to make appropriate assessments and decisions.

- Excellent analytical and problem-solving skills

- Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part.

- Excellent verbal and written skills.

- Flexible and able to adapt quickly to changing technology

- Open and able to apply original and innovative thinking to produce new ideas and create innovative approaches to information security oversight and compliance.

- Strong knowledge of Microsoft Office product suite, and corporate business applications including Skype and SharePoint

- Experience using an automated GRC tool (i.e. RSA Archer) is a plus

- Biotech and IT experience preferred

 
skills: Required Skills/Experience:

- Knowledge of quantitative and qualitative risk evaluation methods, including information security control frameworks such as NIST, ISO, and COBIT.

- Proven experience with control monitoring principles and practices.

- Ability to understand and engage applicable industry-related regulatory requirements (e.g., FDA, FIPS, EU Annex 11, GDPR)

- Ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside to make appropriate assessments and decisions.

- Excellent analytical and problem-solving skills

- Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part.

- Excellent verbal and written skills.

- Flexible and able to adapt quickly to changing technology

- Open and able to apply original and innovative thinking to produce new ideas and create innovative approaches to information security oversight and compliance.

- Strong knowledge of Microsoft Office product suite, and corporate business applications including Skype and SharePoint

- Experience using an automated GRC tool (i.e. RSA Archer) is a plus

- Biotech and IT experience preferred


Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
