Overview
Remote
Depends on Experience
Full Time
Accepts corp to corp applications
Skills
CISA
CISM
CISSP
Collaboration
Communication
Continuous Improvement
FOCUS
Articulate
HIPAA
ISO/IEC 27001:2005
IT Risk
IT Risk Management
IT Security
Identity Management
Legal
Network
Network Security
Payment Card Industry
Privacy
Regulatory Compliance
Risk Assessment
Supply Chain Management
Vulnerability Management
Job Details
Role: IT Risk Management Analyst
Remote Opportunity
About us:
Stanley is defined by Creativity, Building and Invention. We are makers of the legendary bottle and box. Driven by purpose, passion and performance. Obsessed with making a difference. And keeping our promises. Proud of our yesterday. And focused on building the team of tomorrow.
Position Overview
Join the Bear Force as our IT Risk Management Analyst. Be a part of a company defined by creativity, building, and invention. This role plays a critical role in defining our technical risk and policy programs. We're looking for a self-motivated problem solver to collaborate with IT and business stakeholder teams to establish policies and processes to validate our adherence to our policies.
What You'll Do
Design and drive risk assessment activities. Understand, assess, and formally articulate Security Risks, Standards, Guidelines, and Policy
Create and maintain relationships with key business, Legal, People, IT and other stakeholders throughout the company, while advancing our agenda for standards-backed security practices
Partner with stakeholders in Supply Chain, IT, Security, Legal, and Operations to develop and implement a third party risk assessment framework
Drive remediation action plans to ensure they are designed appropriately to mitigate security/privacy risks
Support business and product release commitments by driving risk identification, mitigation and acceptance for unmitigated security risks with key partners in and outside of IT
Focus on continuous improvement of operational processes and designing innovative and automated operational functionality - we're looking for someone who can help us level up
Who You Are
A self-motivated and collaborative problem solver with ability to work in dynamic environment
5+ years experience in performing all aspects of IT Risk Management activities
Prior experience in consulting stakeholders in identifying and designing remediation activities
Familiarity with industry best practices such as Common Vulnerability Scoring System (CVSS), and regulatory compliance frameworks (NIST CSF, ISO27001, PCI, HIPAA)
Background and understanding of global privacy regulation - GDPR, CCPA, PIPA, etc.
Technical knowledge and understanding of infrastructure, including network segmentation, Zero Trust architecture, Identity and Access Management, CIS Benchmarks, Network Security, and Vulnerability Management
Verbal and written communication skills strong enough to distill the above for a non-technical audience
Possession of certifications such as CISA, CISM, CIPP, CISSP, or other relevant certifications
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.