InfoSec Risk Analyst - Exton

  • Exton, PA

Compensation

: $94,810.00 - $139,430.00 /year *

Employment Type

: Full-Time

Industry

: Information Technology



Loading some great jobs for you...





Job Details

Description

We have an opening for an InfoSec Risk Analyst, this individual will report to the VP of Risk Management. The role will be based in our corporate headquarters in Exton, PA. Function Assist in the development, implementation, and monitoring of a comprehensive enterprise-wide information security program to ensure the integrity, confidentiality and availability of all information owned, controlled and/or processed by the organization. Assist in developing and managing a risk-based process for vendor risk management, including assessment and treatment for risks that may result from partners, consultants and other service providers. Assist with managing the organizations Vendor Management program which may include conducting reviews of vendor due diligence materials, conducting vendor site inspections & evaluations, and assess risks presented by third party relationships. Maintain security policies, standards, and guidelines to ensure each remains up-to-date. Ensure dissemination of security policies and practices is timely and comprehensive for internal/external customers. Co-ordinate and/or support security testing, incidents, and events to protect corporate assets, including intellectual property, regulated data and the company's reputation. Enhance and facilitate information security awareness education programs for all employees, contractors and approved system users. Work directly with business units to facilitate risk assessment and risk management processes, and work with internal stakeholders on identifying acceptable levels of residual risk. Provides InfoSec risk guidance for projects, including the evaluation and recommendation of technical controls. Enhance our existing information security management framework based on National Institute of Standards and Technology (NIST). Ensure that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings. Liaison among the information security team and corporate compliance, audit, legal and HR management teams as required. Assist with the organization current data security monitoring activities and respond to control issues or end-user failures, where necessary. Support other Risk Management oriented activities as required Qualifications and Education Requirements Work Experience Education:
Associated topics: attack, forensic, identity access management, information technology security, malicious, protect, security engineer, security officer, threat, violation

* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.

Launch your career - Upload your resume now!

Upload your resume

Loading some great jobs for you...