Information Security Analyst

Beaverton, OR, US • Posted 5 hours ago • Updated 5 hours ago
Full Time
Occasional Travel Required
On-site
$100,000 - 110000/yr
Company Branding Image
Fitment

Dice Job Match Score™

⏳ Almost there, hang tight...

Job Details

Skills

  • CRISC
  • CISSP

Summary

WHAT YOU WILL WORK ON

This role works with the Information Risk Management team to identify, assess, and elevate visibility to information security risks across our technology landscape. Key responsibilities include:

 

Vendor Information Risk Assessments

  • Perform formal risk assessments on partner and vendor connections, evaluating vendor processes at the point of engagement.
  • Ensure sufficient validation of data sharing arrangements and agreements to protect our sensitive information.
  • Confirm business objectives align with the type and volume of data used, maintaining a "need to know/use" mindset.
  • Review third-party SOC reports and vendor security documentation as part of assessment activities.
  • Help establish risk and remediation ownership for identified vendor-related risks and document findings in the Risk Register.

Security Controls Baseline Assessments

  • Assess moderately complex platforms and systems against the security and configuration standards.
  • Evaluate and process exceptions to information security policies and standards.
  • Perform compliance control validation testing to determine the operating effectiveness of IT controls for scoped systems.
  • Consult with technology units on IT general controls (ITGCs) and compliance matters.
  • Champion information security policies, standards, controls, and processes so compliance requirements are addressed as part of business-as-usual operations.

Internal Risk Assessments

  • Identify, document, and elevate visibility to information risk where business direction creates potential exposure to employee, athlete, and product sensitive data streams.
  • Identify and profile the systems and processes that require risk assessments; scope specific assessments accordingly.
  • Perform detailed analysis of threats and vulnerabilities across information security domains including network security, asset security, security engineering, identity and access management, security operations, and software development security.
  • Review key system configurations and complex IT infrastructures (e.g., cloud services).
  • Communicate effectively through risk reports, presentations, and stakeholder interactions to drive remediation of identified risks.

Data Analysis and Other Projects

  • Support vendor risk management metrics, reporting, and master data stewardship to improve accuracy, timeliness, and completeness.
  • Provide analysis and insights into data supporting the effectiveness of technical and process-based cybersecurity controls.
  • Collaborate on process improvements for data retrieval, analysis, and risk assessment intake.
  • Contribute to IRM team projects and strategic initiatives as assigned, including documentation in ServiceNow (SNOW) and Box.
  • Support the risk analysis intake process and participate in daily standups and weekly process meetings.

General Responsibilities

  • Execute targeted internal and external (vendor) risk assessments in support of IRM strategy, following established team processes and enablers.
  • Be proactive in anticipating next steps in the risk assessment process and take action accordingly.
  • Collaborate with team members on assessment approach, scoping, documentation, and issue presentation activities.
  • Serve as an information security and CIS ambassador to our lines of business and management.
  • Provide enforcement of security policies, standards, and procedures by working cross-functionally with Compliance and Governance functions.
  • Stay current on information security technologies, trends, standards, best practices, and emerging threats and vulnerabilities.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 90547434
  • Position Id: 9017533
  • Posted 5 hours ago

Company Info

About Aroghia

Watching the world of next-tech unfold? It’s time to be part of it. Explore challenging and exciting opportunities across the globe.We are transforming our world and looking for others who want to make an impact. 

The Aroghia Group is a Denver-based IT Consulting, Solutions and Staffing firm that was founded in 2001 (formerly known as W/H/I/P Systems, LLC) and specializes in the design, implementation and support of IT infrastructure for clients ranging from startups to Fortune 500 companies.

Contact the job poster
Venkat Chalamala

Venkat Chalamala

IT Recruiter @ Aroghia
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

It looks like there aren't any Similar Jobs for this job yet.

Search all similar jobs