Vacancy expired!
Job Description
Responsibilities:
- Perform risk assessments to identify and document risks faced by the organization
- Advise on implementation of risk and security controls, including technical countermeasures, to proactively reduce risk exposure
- Operate IT SOX Controls for daily and weekly monitoring, as well as performing quarterly access reviews
- Assist in implementing the enterprise-wide risk framework
Qualifications
Requirements:
- Bachelor’s degree in a related field
- Certification such as CISSP, CRISC, CISM, CISA, or other related to the fields of information risk or information security
- Minimum of three (3) to five (5) years of information risk or information security experience in either the Big 4, a financial or healthcare institution, or vendor supporting such institution
- Prior experience performing risk assessments for cloud and on-premise data centers, using Factor Analysis of Information Risk (FAIR) or Value at Risk (VAR) methodologies
- Prior experience designing, operating or assessing IT controls for cloud and on-premise data centers (eg, Internal Audit, SOX audit, SSAE 18 SOC2 Type 2 reports, ISO2700X certifications, etc)
- Prior experience working with enterprise governance, risk and compliance (GRC) solutions would be a benefit
- Knowledge of cloud security and on-premise data center security solutions
- Knowledge and understanding of information risk/security principles and related industry standards, including: NIST, PCI, ISO 27001, HIPAA/HITECH and OWASP
- Must have a proven track record of excellent research and analytical skills
- Outstanding interpersonal and communication skills
- Cross-team functionality essential to understand business needs for existing clients and new vendors
#LI-JB1
Additional Information
Verisk Analytics is an equal opportunity employer.
All members of the Verisk Analytics family of companies are equal opportunity employers. We consider all qualified applicants for employment without regard to race, religion, color, national origin, citizenship, sex, gender identity and/or expression, sexual orientation, veteran's status, age or disability.
http://www.verisk.com/careers.html
Unsolicited resumes sent to Verisk, including unsolicited resumes sent to a Verisk business mailing address, fax machine or email address, or directly to Verisk employees, will be considered Verisk property. Verisk will NOT pay a fee for any placement resulting from the receipt of an unsolicited resume.
Vacancy expired!