JobServe
 


Key Privacy Information

When you apply for a job, JobServe will collect the information you provide in the application and disclose it to the advertiser of the job.

If the advertiser wishes to contact you they have agreed to use your information following data protection law.

JobServe will keep a copy of the application for 90 days.


 
 

Job Details

 

IT Security Risk and Compliance Analyst (Full Time)

Location: Chicago, Illinois
Country: United States of America
Rate: 90-115K
 

Prestigious Enterprise Company is currently seeking an Information Security Risk Analyst. Candidate supports the Global risk management and compliance activities for all risk and security frameworks through execution of the Global IT Risk Management and Compliance Program. Candidate will be using approaches and processes to identify and assess IT risk, apply appropriate controls, document agreements and execute required follow-up processes. Candidate will assist with the definition, creation and execution of security awareness efforts for all business units and activities required to support the design, implementation and ongoing operation of the Risk Metrics and Measures program.

Responsibilities:

  • Engages business teams across the global organization to assess execution of the Compliance and Risk Management program framework to help global business partners identify information risk and manage mitigation to an acceptable level
  • Executes global risk management processes to help business partners develop controls needed for the mitigation of risk for business processes not compliant with information security and risk frameworks
  • Socializes strategies, standards, policies, procedures, communications and awareness efforts with all business partners
  • Provides feedback on compliance with and customer concerns about established IT Security policies based on day-to-day interactions with Company businesses.
  • Takes actions as directed to ensure that global business units comply with applicable frameworks including, but not limited to, Sarbanes-Oxley (SOX), the Payment Card Industry Data Security Standard (PCI-DSS) and specific ISO, BS or other standards as required.
  • Remains aware of Data Privacy guidance in order to escalate to management any gaps which arise in data privacy compliance.
  • Takes actions as directed to assist in auditing compliance of business units to established security strategies, standards, policies, and procedures
  • Works with global business units to understand awareness gaps and to create plans for awareness training, testing and success measures.
  • Works closely with the business, Procom and legal teams to review proposed vendor engagement terms and conditions and apply the Company risk profile, providing the appropriate feedback as to any changes needed and documenting exceptions to the process.
  • Monitors assigned work in the risk register to ensure that all risks are accurately represented and actively managed.
  • Aligns individual goals with Risk and Compliance team goals and objectives.
  • Recognizes opportunities to balance risk and creativity in quickly responding to business opportunities.

Qualifications:

  • 5+ years of experience in related field preferred.
  • Basic understanding of risk concepts including risk identification, evaluation, mitigation and measurement
  • Awareness of auditing standards and frameworks (e.g. COBIT, ISO 27001), industry guidelines and laws (e.g. Sarbanes-Oxley Act and PCI DSS) and privacy concepts (EU Data Privacy Directive, HIPAA) helpful, but not required
  • Must be able to work in a collaborative team environment with individuals at appropriate levels of the Company
  • Understanding of continuous improvement concepts and ability to effectively incorporate those skills into day-to-day work
  • Effective negotiation skills
  • Good verbal and written communication, facilitation, and interpersonal skills

Posted Date: 30 Aug 2019
Reference: JSCJ-ISRISKC
Employment Agency: Request Technology - Craig Johnson
Contact: Craig Johnson