Sr. IS Security Risk Analyst
Columbia, South Carolina
Post Date: 03/06/2017 Job ID: 22085 Industry: Information Technology
- Conduct and provide oversight for procedural and operational review of I/S processes and systems against corporate, government, an/or internal I/S compliance standards. Provide customer relationship management for external audit activities in alignment with contractual obligations and customer expectations.
- Act as the I/S representative for computer forensic examinations, incident investigations, and risk assessment activities conducted by internal and external areas. Act as the I/S representative to contractually assigned customer systems security points of contact. Facilitate customer and external stakeholder communication regards assigned system security portfolio.
- Evaluate technology and business-related controls for integrating business and information system security and risk mitigation efforts. Ensure that assigned systems security portfolio is managed in alignment to contractual security obligations, frameworks, and control requirements.
- Provide guidance to I/s functional teams with the development, implementation, monitoring, and reporting of control
- processes, documentation, and compliance routines. Facilitate contract stakeholder guidance regards system security
- operations and planning for assigned systems security portfolio.
- Develop and champion efficiencies regards risk assessment and compliance efforts. Facilitate improvements and
- ensure stakeholder communication throughout operational changes to system security portfolio.
EDUCATION / EQUIVALENCY:
Bachelor' s Degree in Computer Science, Information Technology or related degree
OR 2-year degree in Computer Science, Information Technology or related degree plus 2 years of related IT experience
OR extra 4 years job related experience (Total 12 years of related work experience)
- 8 years of I/T experience including 6 years of IT security, risk assessment and/or compliance experience.
- Complete understanding of systems security business life cycle methodologies.
- Able to lead complex business development activities from systems security perspective.
- Subject matter expert in both government and private risk frameworks and control implementations.
- Excellent communication and interpersonal skills.
- Comprehensive understanding of business system security risk management, information system security and compliance practices.
- Excellent understanding of functional I/S processes and methodologies.