Dice

Title: Information Security Risk Analyst. Minimum of five (5) years of experience performing Information Security assessments with knowledge of HIPAA, GLBA and PCI DSS regulations and frameworks such as NIST CSF.. Experience with Governance, Risk & Compliance and/or Vendor Risk Management platforms.. CISSP, CRISC certification.. Information Security Risk Analyst (W2 - Role) (Within NJ Local only)

information security

Dice is the leading career destination for tech experts at every stage of their careers. Our client, Resourcesys, is seeking the following. Apply via Dice today! Job Details: No GCEAD/on C2C Through Vendor Title: Information Security Risk Analyst Location: Piscataway, NJ (Hibrid) Local with NJ Only Duration: CTH This position is Responsible for facilitating and evaluating internal and 3rd party information security risk assessments. Among the key duties of this position are the following: <ul><li>Provides risk remediation recommendations to mitigate identified control gaps and drives awareness of available supporting resources and technologies.</li><li>Works closely with stakeholders across campus to ensure that risks are well documented and communicated.</li><li>Maintains a formal risk register that drives security governance and ensures security finding is aligned with business objectives.</li><li>Acts as an SME for end-to-end management of findings for information security assessments for vendors, applications.</li><li>Assists in creating policies and procedures to help reduce risk.</li><li>Performs other t </li></ul>Minimum Education And Experience <ul><li>Bachelor's degree is required, preferably in Computer Science, Information Systems, Management Information.</li><li>Minimum of five (5) years of experience performing Information Security assessments with knowledge of HIPAA, GLBA and PCI DSS regulations and frameworks such as NIST CSF. </li></ul>Certifications/Licenses Required Knowledge, Skills, And Abilities <ul><li>Possess excellent interpersonal, communication and influencing skills.</li><li>Ability to collaborate effectively across a variety of disciplines and levels inside/outside the organization.</li><li>Ability to effectively analyze, document and communicate information security concepts to different user bases, including students, faculty, staff and systems personnel.</li><li>Demonstrates skill in conducting internal or external risk assessments and providing guidance on the implementation, monitoring, and reporting of control processes, documentation, and compliance measures and/or remediation items.</li><li>Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner.</li><li>Ability to identify and assess the severity and potential impact of risks and to communicate findings effectively to risk owners. </li></ul>Preferred Qualifications <ul><li>Knowledge of common cybersecurity frameworks and standards (e.g., NIST 800-171, ISO 27001/27002).</li><li>Experience with Governance, Risk & Compliance and/or Vendor Risk Management platforms.</li><li>Interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization.</li><li>CISSP, CRISC certification. </li></ul>Information Security Risk Analyst (W2 - Role) (Within NJ Local only)

START NEW SEARCH