These job descriptions are examples. Looking for work?


Information Security Risk Management & Compliance Specialist


Aquent's Fortune 500 retail client is looking for an Application Architect to work a 6-month contract on-location in Richfield, MN. Local candidates preferred. This role is in the Enterprise Information Protection - Risk and Compliance.

Project Description:
The Information Security Risk Management and Compliance Specialist will provide assistance in the development, coordination and management of the Information Security Risk Management program.
The Risk and Compliance Specialist will support regulatory compliance risk management, risk and control assessments and control effectiveness testing.
• Conduct risk assessments, assist in control effectiveness testing and provide reporting on issues, deficiencies and recommendations
• Track, monitor and validate remediation of issues identified through the risk management and control testing programs
• Assist in the planning, preparation and completion of Information Security Risk Management reporting

Responsibilities:
• Assist in development of Information Security Compliance and Risk Management Programs
• Assist in development of metrics and measurement systems that identify weaknesses in controls and drive remediation.
• Conduct risk assessments, perform control effectiveness testing and provide reporting on issues, deficiencies and recommendations
• Track, monitor and validate remediation of issues identified through the risk management and control testing programs
• Assist in the promotion of risk and compliance awareness, including identifying risk and compliance training opportunities and helping coordinate the development of training programs
• Contribute to Compliance and Risk Management projects and initiatives
• Keep abreast of emerging regulations, risk management and compliance best practices and industry trends

What would a normal day for this position look like?
• 25% Attending meetings
• 25% Developing strategy for long term risk and compliance management program
• 25% Conducting risk assessments, performing control effectiveness testing and providing reporting on issues, deficiencies and recommendations
• 25% Tracking, monitoring and validating remediation of issues identified through the risk management and control testing programs
**May change based on business needs

Skills Overview:
• Bachelor's degree or equivalent experience in Compliance, Risk Management and/or Internal Audit
• 7+ years of relevant work experience, which may include Information Security, IT Enterprise Architecture, IT Vendor Assessment, Development, Production Assurance and/or IT Governance, Risk and Compliance areas
• 7+ years of experience in Information Security Risk Management
• Control testing and reporting experience
• Knowledge of NIST
• Ability to weigh business needs against risk concerns and articulate issues to management.
• Ability to handle multiple priorities, while meeting deadlines.
• Preferably holds one or more of the following or equivalent certifications: CISSP, CISM, CISA, CIA, CRISC, CGEIT, CIAC, ISO
• Experience with GRC tools such as Archer is a plus
• Experience with standard desktop tools, including Microsoft Office

Soft Skills
• Strong analytical, problem solving, organizational and project management skills.
• Strong written and verbal communication skills; strong interpersonal and relationship management skills.
