CISSP Jobs - Information Security Analyst II (Risk Management), 13645

at Project Manager USA, Inc.
Date Posted May 12, 2019
Job Type Full-time



  • Implement all risk-related activities of the Fund's Information Security Department (IS), including assessing, planning, testing, reporting and recommending appropriate remediation measures
  • Ensure the confidentiality, integrity, and availability of the Fund's and members' data and systems
  • Benchmark risk management practices; maintain up-to-date understanding of industry best practices; monitor the legal and regulatory environment for developments that could require changes to established IS policies and practices
  • Partner with the Information Technology (IT) department and business units to facilitate IS risk analysis and risk management processes, identify acceptable levels of residual risk, establish roles and responsibilities related to information classification and protection
  • Assist with monthly vulnerability review of 200+ servers including validation of vulnerabilities with business owners; prepare reports and provide findings for IT department and executives, document and track corrective actions or remediation strategy
  • Oversee and monitor risk mitigation strategies; coordinate with the Compliance Director, Information Security Officer (ISO) and the Chief Information Security Officer (CISO), to ensure business units are taking effective remediation steps
  • Create, disseminate and (as required) update documentation of the Fund's matrix of identified IS risks and controls; ensure defined processes and standards are maintained
  • Perform additional duties and projects as assigned by management
  • Bachelor’s degree in Information Security or equivalent years of experience required; plus
  • Minimum three (3) years Risk Management experience required in an Information Technology environment or related discipline (Information Security, Business Continuity Management or Compliance)
  • Certified Information Systems Security Professional (CISSP) certification required; SANS and other InfoSec-related certifications a plus
  • Demonstrated experience with Risk Management and Security Architecture Reviews required
  • Knowledge and experience with common information security management frameworks, such as International Standards Organization (ISO) 17799/27001 and the IT Infrastructure Library (ITIL), Control Objectives for Information and Related Technology (CobiT) and National Institute of Standards and Technology (NIST) frameworks
  • Excellent troubleshooting and analytical thinking skills
  • Superb communication, interpersonal and collaborative skills a must
  • Self-directed, self-starter, and motivated with the ability to work with minimal supervision
  • Must meet performance standards including attendance and punctuality

We offer a competitive salary, an excellent fully employer-paid comprehensive benefits package and talented professional colleagues.