Friday, December 22, 2017

Information Security Assurance Analyst

Location: Information Security Assurance Analyst
Duration: 6 month Contract to Hire- Must be able to work for any employer in the US
The Information Security Assurance Analyst responds to vendor security questionnaires, performing vendor security due diligence and will be responsible for remediation of identified compliance and risk gaps. Performing quantitative and qualitative risk assessments. Maintain risk register and overall GRC application.
ESSENTIAL Job Duties & Responsibilities
* Responding to vendor security questionnaires (typically SIG)
* Performing the vendor information security management process
* Documenting gaps between vendor requirements and National MIs infrastructure
* Coordinate and execute IT security projects as it relates to Vendor Management
* Performing risk assessments (Quantitative and Qualitative)
* Maintain risk register with risk treatment plans
* Conduct research to keep abreast of latest security issues
* Prioritize remediation of gaps based on customer security due diligence assessments
* Keeps the GRC up to date with compliance frameworks and the evidence to validate compliance
* Evaluates information to determine compliance with laws, regulations, or standards
* 3-5 plus years related work experience
* Vendor audit and compliance experience, preferably with the SIG framework
* Strong experience with the Information Security Tools and Controls
* Solid understanding of networking concepts and system administration
* Knowledge of data compliance and privacy standards and regulations as they apply to insurance and banking industries
* Knowledge of Information Security Standards (ISO27001, NIST, etc)
* Ability to effectively prioritize and execute reporting tasks in a fast-paced, results-driven environment
* Extensive experience working in a team-oriented, collaborative environment with a diverse team of business and IT staff
* Bachelor's degree in Computer Science or Information Systems preferred; Professional certifications are an advantage
* Bachelors in Computer Science or related IT field and/or 5-10 years of experience working within a diverse IT environment with 3-5 of those years focusing on security
* Industry certifications related to this position a plus (CISSP, GIAC, SANS, etc)
* Valid Driver's License required for travel to job sites, client and vendor locations within the United States