Information Security Risk Analyst Consultant

New York, NY 10017

Employment Type: Contract Industry: Cybersecurity/InfoSec, IT/Infrastructure/Network Job Number: 2789 Salary Level: 100.00
Mid-sized Asset Management Firm seeks a Senior Information Security Risk Analyst Consultant to reduce information security risk within the organization and facilitate the alignment of the business areas with regulatory expectations and best practices.

Working within the IT Group you will be responsible for implementing, coordinating, and participating in the Information Risk Management processes related to deploying the appropriate controls within the Information Technology environment.

In addition, you will be responsible for ensuring new controls are incorporated into the Risk Control Self-Assessment (RCSA) process. This will require extensive liaison work with the Information Technology, Risk Management and Internal Audit teams.

In summary you will:
  • Liaise between Risk group and Information Technology  regarding Information Risk Management issues. 
  • Perform a Gap Analysis of existing controls against a newly adopted Threat & Control library. 
  • Perform a Gap Analysis of new Control Objectives against existing Information Technology Policies & Procedures. 
  • Work with Subject Matter Experts to ensure missing controls are identified and Policies & Procedures are correctly updated to reflect the new controls. 
  • Work with the IT Business Management Team and SMEs to ensure new controls are incorporated into the RCSA design process and that new controls are tested during the testing phase of the RCSA. 
  • Perform GAP analysis and strengthen internal controls and prevent unauthorized and improper access to data, thereby ensuring the appropriate protection of information assets. 
  • Facilitate the continued improvement in information security risk management and culture across the firm, through continual refinement and implementation of the Information Security Framework. 
  • Build and maintain relationships with the organizations business areas. 

Requirements include: 
  • 8+ years of Information Security risk management experience within financial services. 
  • Must come from an IT background and have strong Information Technology experience including Information & Operational Risk Management, Cybersecurity, Identity & Access Management, Project Management, Application and Operation Support. ITIL,...
  • Microsoft Project and Visio.
  • Completed Bachelor’ s Degree in Computer Science or related course of study required.
Information Risk, GAP Analysis, access controls, Risk Control Self-Assessment, RCSA
Apply Online
Apply with LinkedIn Apply with Facebook Apply with Twitter

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.