Security Risk Analyst

Security Risk Analyst

Under limited supervision, deliver the company’s enterprise security and privacy risk strategy, policies, standards, and best practices approach aligned with the company’s security and privacy needs. Ensure assigned information requests are processed and completed within a defined response timeframe. Assist in tracking incoming requests with appropriate GSPO, IT, and business stakeholders. Follow up on any activities identified to meet associated due dates to ensure they are completed in a timely manner.

Responsibilities:

• Assist with resolving security and privacy matters that impact business operations.
• Assist with execution and maintenance of security and privacy programs in the assigned regions.
• Advise and liaise as needed with regional Risk Oversight on security and privacy matters including driving risk assessments and promoting risk appetites across regional multiple businesses.
• Assist with security and privacy risk reporting for CLIENT including but not limited to regulators, internal and external auditor.
• Assist with developing and implementing frameworks and approaches for identifying and reporting global risk and enabling the business while establishing an effective and appropriate security and privacy environment for the organization.
• Communicate difficult concepts and collaborate with business and GSPO matters related to security and privacy.
• Propose changes to existing policies and procedures to ensure effective risk mitigation, operating efficiency, and regulatory compliance.
• Assist with establishing governance structures that will serve to support the enterprise security and privacy frameworks, improve the overall risk management competency and capability enterprise wide, and use subject matter expertise to resolve complex business challenges and promote best practices to improve business processes and mitigate risk across a broad geographic area.
• Consult to major application initiatives positively impacting the achievement of objectives, and leads or participates in high profile cross functional project teams with moderate resource requirements, risk, and/or complexity, while ensuring security and privacy issues are taken into account and addressed early, including external RFP’s.
• Assist in the management of enterprise security and privacy programs and communication for designated area of responsibility.
• Participate in security and privacy architectural review process that evaluates exceptions requests against accepted standards and business needs.
• Advocate for data privacy, data protection, and information risk management best practices working with all other appropriate stakeholders and works as a liaison with regional regulatory authorities as required.
• Lead special projects to enhance communication and the business experience.
• Assist with Incident response, management, reporting and documentation.

Education and Certifications

• Required: Bachelor’s degree or equivalent related experience.
• Preferred: IAPP Certification; CISSP, CISA, CISM Certification.

Experience and Skills

• 4+ years’ experience in security, privacy, fraud, or data safeguarding methods.
• Intermediate knowledge of the security, privacy, and fraud fields best practices and associated program policies.
• Basic knowledge of global standards and regulations regarding security, privacy, and fraud.
• Intermediate ability to learn and stay current on data privacy, data security, and fraud threats and vulnerabilities.
• Intermediate ability to be flexible when needed, take initiative, and demonstrate accountability.
• Intermediate oral and written communication skills demonstrating ability to share and impart knowledge.
• Intermediate ability to quickly adapt to new methods, work under tight deadlines and stressful conditions.
• Intermediate ability to set goals and handle multiple tasks, clients, and projects simultaneously.
• Intermediate ability to appropriately balance priorities, deadlines, and deliverables.
• Intermediate ability to work well within a team environment and participate in department/team projects.
• Intermediate ability to balance detail with departmental goals/objectives.
• Intermediate ability to foster customer service as needed.
• Intermediate negotiating and persuasion skills.
• Strong interpersonal, presentation, verbal, and written communication skills with the ability to effectively interact with internal and external business partners.
• Knowledge of Microsoft Office Suite and other business-related software systems, including processing systems and applications.
• Strong business communication and soft skills.
• Advanced skills in MS Word, Excel, Visio, PowerPoint, and SharePoint.
• Ability to quickly adapt to new methods and work under tight deadlines and stressful conditions.
• Advanced investigative, analytical, and problem-solving skills.
• Advanced ability to set goals and handle multiple tasks, clients, and projects simultaneously.
• Ability to work well within a team environment and participate in department/team projects.
• Advanced ability to translate business needs and problems into viable/accepted solutions.
• Strong technical writing skills and experience in creating dashboards or reports for executives.
• Advanced ability to liaise with individuals across a wide variety of operational, functional, and technical disciplines.

Benefits

• Medical, Dental, and Vision Insurance
• Life and AD&D Insurance
• Short- and Long-Term Disability Insurance
• 401k Plan
• Flexible Spending Account (FSA) - Medical and Child Care expenses
• Paid Holidays and Vacation
• Sick Leave Allowance
• Training Reimbursements
• Direct Deposit