IT Risk Services Analyst

IT Risk Services Analyst

Integrated Resources, Inc., is led by a seasoned team with combined decades in the industry. We deliver strategic workforce solutions that help you manage your talent and business more efficiently and effectively. Since launching in 1996, IRI has attracted, assembled and retained key employees who are experts in their fields. This has helped us expand into new sectors and steadily grow.

Job Description

Responsibilities:

• Work with project teams to provide Privacy Impact Assessments
• Conduct IT Risk Assessments on External Vendor's system architecture and design to ensure the security requirements meets maturity levels
• Review third party RFP responses with security architects, and evaluate SSAE16 SOC Type 2 reports and similar reports to identify key areas concerning security, risk and compliance
• Conduct training to project services resources on risk, security assessment process, and data privacy assessment process
• Assist with internal and external audits and assessments
• Assist with the development of programs to ensure compliance to regulatory requirements
• Perform other IT related assessments as assigned

Maintenance of Standards & Policies

• Contribute to the maintenance of IT Policies – Clean Desk Policy, AD Password Policy
• Create work instructions for evaluating requests against Standards & Policies
• Evaluate requests and applies the IT exception processes to these requests
• Clearly document and define risks and potential impacts and identify systems affected by the defined risk

Communication of IT Risk Services policies and standards

• Maintain and contribute to SharePoint sites regarding IT Risk content
• Create and/or coordinate training sessions as required
• Monitoring IT Risk Services mailbox and respond to requests and customer inquiries
• Answer and respond to ServiceNow help-line tickets – Administrative Rights, Removal and System identification, Ensure Software Compliance, Wireless Access Control, Email and Distribution list request, Vendor Network Access, Browser Exceptions
• Log and follow up on customer issues
• Interact with other teams : Global Information Security, Global Security, Cyber Security, and IT Teams as required

Disaster Recovery

• Track and assist with the completion and updating of Component Recovery Plans
• Communicate recommended business continuity preparations and controls, including deficiencies, to business units
• Approve restoration of Backup Data to DR sites
• Participate with internal audits and testing of Component and Disaster Recovery Plans

Monitoring & Reporting

• Provide summary and status reports regarding assessments and project status
• Summary reports exception requests and status
• Awareness of all risk-centric tools within the environment

Conditions of Work:

• On call rotation may be required
• Occasional after hours and weekend work required
• Occasional travel between the business sites may be required

Qualifications

Qualifications:

• Bachelor's degree preferred, with 3-5 years' information risk management experience preferred and/or advanced degree in related field
• Educational, Licenses and Certificates.
• CISSP certification or SANS certificates or certification preferred
• 3 + years' experience working with project teams
• Understands risk and security processes and uses the knowledge to respond to customer inquiries
• Interact with other teams : Global Information Security, Global Security, Cyber Security, and IT Teams as required