Information Security Risk Analyst II
Location: San Francisco, CA
Experience: 3+ years
Track: Consulting
Practice: Digital
About Us:
Job Description:
Skills: Who You Are
- A critical thinker, passionate, self-driven, and detail-oriented
- Have the technical and personal capability to partner with tech and business leads across the organization
- Are able to discuss issues at technical and business levels with audiences of various backgrounds
- Have knowledge of common security risks, attacker methodologies, common attack tools and patterns
- Are familiar with common audit and risk management methodologies Have experience working with GRC products
Requirements:
- Minimum 3+ years of related work experience in Information Security GRC or relevant Audit or Compliance roles at a public accounting/consulting firm or within a public company
- Able to communicate relevant information clearly and concisely both verbally and in writing
- Able to work independently on multi-task assignments in a fast-paced environment
- Prior experience with information security frameworks (i.e. ISO 27001/2, SOX IT Controls, COBIT, SOC 2 Trust Principles, PCI DSS, NIST 800-53/CSF)
- Prior experience with conducting and analyzing security risk assessments at large complex organizations
- Professional certifications in Information Security or Risk Management (e.g., CISA, CISM, CRISC, or CISSP)
Education:
- Bachelor degree in Information Security, Computer Science, Management Information Systems or related field preferred.
Required Skills:
- COBIT
- ISO 27001
- SOX
- CISA
- INFORMATION SECURITY
Additional Skills:
- ISSUE MANAGEMENT
- METRICS
- MITIGATION
- NIST
- PCI
- PUBLIC ACCOUNTING
- RISK ASSESSMENTS
- RISK MANAGEMENT
- SECURITY
- SOC
- AUDITS
- CISM
- CISSP
- DETAIL-ORIENTED
- PAYMENT CARD INDUSTRY
- PROGRAM MANAGER
- REGULATORY COMPLIANCE
- REMEDIATION
- SARBANES OXLEY
- SARBANES-OXLEY (SOX)
- TRADING
Languages: English
- Read
- Write
- Speak
Certifications & Licenses:
- CISA
- CISM
- CISSP
Our Benefits: