Job Title: Senior Information Security Risk Analyst 

Contract Duration: 6+ months

Location: Marlborough, MA

 

Responsibilities 

.         Help identify appropriate control standard and assessment
frameworks. 

.         Assist in implementation of Enterprise Governance, Risk and
Compliance (eGRC) tool to support the Risk Management program. 

.         Coordinate business-level information security risk assessments
for key information assets. 

.         Help to identify and track mitigation actions intended to reduce
identified risks, as well as tracking and reporting on changes in key risk
indicators. 

.         Work with the vendor management team to perform thorough technical
and policy-based information security risk assessments of key third party
vendors. 

.         Work with internal application, infrastructure, and architecture
teams to assess the information security risk of existing technology,
infrastructure and processes as well as proposed projects. 

.         Assist with Information Security Awareness programs delivered
firmwide as well as tailored to specific groups. 

.         Assist with information security risk aspects of internal audits. 

 

Min Requirements: 

.         5+ years experience in the area of Information Security Risk
Analysis. 

.         Proven experience using Governance, Risk & Compliance (GRC)
framework, and experience working with enterprise GRC platform tools to
understand, evaluate, and quantify risk. 

.         Experience with Vendor Management Programs, performing risk
assessments of third party service providers/vendors based on ISO27001 and
SIG, review of SSAE16, etc. 

.         Experience and knowledge of control standards and evaluation
frameworks such as ISO27001, NIST Cybersecurity Framework, etc. 

.         Experience performing technical risk assessments for internal
projects, working closely with the architecture team. 

.         Significant breath of technical experience and critical analysis
skills sufficient to perform detailed risk analysis on a variety of
technologies and use cases. 

.         Past experience working with auditors to prepare SSAE16 or similar
reports. 

.         Experience responding to client RFPs, and meeting with clients to
review information security posture. 

.         Excellent verbal and written communication skills and presentation
skills.

 

This role will have a focus in 2 major areas: 

1. Perform Risk Assessment and information security with Vendors and
Products for the business

2. GRC - Working with the tool (we have purchased Archer but other tools
will suffice) to develop the business processes into it.

 

Thanks & Regards,

 

 Ankur Mohan, 

Senior Consultant - IT Recruitments,

Quantronix, Inc.,

2969 Whitney Avenue

Hamden, CT 06518

Tel: 203-718-2011

Skype: ankur.quantronix

Email: an...@quantronix.com <mailto:vand...@quantronix.com> 

 

---- Quantronix Disclaimer ----
This communication (including any accompanying documents) is intended only
for the use of the addressee(s) and contains information that is PRIVILEGED
AND CONFIDENTIAL. Unauthorized reading, dissemination, distribution or
copying of this communication is prohibited. If you have received this
communication in error, please notify us immediately via
postmas...@quantronix.com and promptly destroy the original communication
and all copies taken thereof. Thank you for your cooperation.

 



---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

-- 
You received this message because you are subscribed to the Google Groups "SAP 
or Oracle Financials" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to sap-or-oracle-financials+unsubscr...@googlegroups.com.
To post to this group, send email to sap-or-oracle-financials@googlegroups.com.
Visit this group at http://groups.google.com/group/sap-or-oracle-financials.
For more options, visit https://groups.google.com/d/optout.

Reply via email to