Hello,
I have an exclusive job opportunity with one of our clients. Please review the requirement below and share your updated resume so we can proceed further.
Job Details:
Job Title: Privacy & Info Security Risk Mgmt Analyst II
Location: 100% Remote
Duration: 6+ Months Contract
Notes: Client is looking for someone with a mix of GRC reporting and Remediation, along with Security awareness training.
Description:
· These Principal Accountabilities, Requirements, and Qualifications are not exhaustive, but are merely the most descriptive of the current job.
· Management reserves the right to revise the job description or require that other tasks be performed when the circumstances of the job change.
· change (for example, emergencies, staff changes, workload, or technical development).
Job Accountabilities:
Security Risk Review-Measurement and Reporting:
- Establishes metrics and contributes to the overall plan associated with the security dashboards and scorecards to inform business leaders of information security-related risks.
- Maintains accurate and thorough documentation of all security risk review activities in the governance, risk management, and compliance (GRC) platform.
- Develops and validates recommended corrective action plans for projects, assessments, and other identified risks.
- Advises and guides remediation activities required for risk mitigation, including building and maintaining an inventory of security controls, risks, and control gaps.
- Upholds the confidentiality of all privacy and risk management data.
Security Plans and Consulting:
- Serves as a technical security lead on small, medium, large, and complex projects
- Briefs Information Security teams regarding emerging threats and provides recommendations on technical and administrative controls to mitigate or reduce risk to Client.
- Performs and reviews evaluation of incident activities (cost and resource analysis), including making recommendations for corrective actions and preventative measures.
- Collaborates and leads with engineering and other technical disciplines to integrate security controls to protect client information, services, data, applications, and resources.
Security Training and Awareness:
- Provides security training to staff members through new hire orientation, just-in-time training, and regular department training.
- Acts as an Information Security liaison and subject matter expert working with Privacy and Office of General Counsel (OGC) leadership.
- Researches, develops, and provides technical security training on best practices and risk measurement methods for Ostaffers.
Policies And Procedures:
- Develops, reviews, and revises information security policies, procedures, and standards to reflect regulatory requirements, security best practices, and evolving technologies.
- Demonstrates working knowledge and understanding of privacy and information security risk management best practices and methodologies, specifically the procedures used within the healthcare environment.
- Assists in drafting policies, procedures, and processes to implement new and revised regulations, as needed.
Research And Analysis:
- Conducts technical security-related research and analysis and then translates the results into meaningful input for the Information Security and Risk Management program.
- Helps lead the development of the information security controls framework and controls testing methodologies.
- Ensures the technical accuracy during the researching, outlining, and writing of documentation such as internal publication of white papers, position papers, and other guidance documents.
- Remains technically current on new technologies through reading, seminars, workshops, and vendor information.
Education:
- Equivalent experience will be accepted in lieu of the required degree or diploma.
- Bachelor''s in Business, Computer Science, Engineering, Information Security, Management, Mathematics, Science, Technology, or related.
Never miss an opportunity! Create an alert based on the job you applied for.
