Security Risk Analyst REQ# 190000H5
Entrust Datacard is seeking an individual to help support Information Security in the areas of Security Governance, Risk, Compliance and Policy across the organization. This position works as part of a global security team responsible for ensuring that the company's information resources are secure from unauthorized access, protected from inappropriate alteration, physically secure, and available to users in a timely fashion. This position demands an organized, action oriented team player with the ability to prioritize daily work and support on multiple initiatives simultaneously; strong communication and customer focus is required.
Provide support for IT projects, identifying risk specific to the project and actions necessary for remediation.
Conduct security risk assessments and IT audit, and manages risk tracking and remediation.
Supports the development, implementation, and management of security policies and procedures to ensure they remain aligned with business objectives and meet regulatory requirements.
Track audit observations/action items and provide an Action Plan for corrective action(s).
Manage eGRC tool.
Develop regular risk management reporting tools for various levels including executive.
Research information security standards; conduct system security and vulnerability analysis and risk assessments across the corporate IT landscape.
Act as a conduit for project related security requests to ensure requests meet approved design.
Familiar with ISO 27001:2013, NIST 800 Series, and PCI frameworks.
Assist Information Security team define information security strategies and procedures.
Understand and articulate information security strategy, policy and procedures and their implications to the organization.
Monitor the implementation of mitigating controls and their impact in reducing security risk scores.
Validate policies/standards and procedures with focus on identifying and remediating gaps in policy and procedures and inconsistencies across the organization.
Update job knowledge by tracking and understanding emerging security practices and standards.
Minimum of 3 years related experience in Information Security Risk Management
- Experience with risk assessments, internal controls, business process and internal IT control testing or operational auditing
- Experience conducting Technical Risk Assessments
Proven understanding of Enterprise Network devices (i.e. routers, switches, firewalls)
Proven understanding of Operating platforms (i.e. UNIX , Linux and Microsoft)
Proven understanding of results from the following set of tools, to include but not limited to: NESSUS, WebInspect
Familiarity with security industry standards (ISO 17799, ISO 27001:2013, NIST 800 series, etc.)
Must be able to lawfully work within the US and have unrestricted work authorization for US
- Bachelor’s degree in Information Systems, Computer Science
- Experience with eGRC tools and processes
- SSL Certificate knowledge
- ITSM/ITIL knowledge
- Security clearance
- Risk related certifications (e.g. CISM, CISA, CRISC, CISSP, CIPP) a plus
- Excellent communication and written skills along with experience preparing reports for senior executives
- Excellent presentation skills
- Strong organizational skills
- Keen attention to detail
About Entrust Datacard
Our growing company relies on curious, dedicated and innovative colleagues to anticipate the future and provide solutions for a more connected, mobile and secure world. Entrust Datacard technologies and expertise help government agencies, enterprises and financial institutions in more than 150 countries serve and safeguard citizens, employees and consumers. Each year, our solutions secure billions of transactions — and every day, our technologies issue and manage more than 10 million secure identities. How do we do all of this? Together.
Join us. Together we’ll create solutions for a more connected, mobile and secure life.
For more information, visit www.entrustdatacard.com. Follow us on Twitter, YouTube and LinkedIn.
Entrust Datacard Corporation is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
NO AGENCIES, NO RELOCATION