System Analyst

Role Requirements

• 4+ years of combined experience in Information Security Risk Assessment
• Proven expertise in Risk Assessment / Management Concepts, including :
• Auditing Methodologies and Approaches
• Information Security Policies, Standards, and Procedures
• PCI Standards
• ISO 2700x Standards
• NIST Risk Framework
• Legal, Regulatory, and Compliance Requirements
• Strong understanding of technology and security concepts, such as :
• Security Architecture and Design
• Application Security
• Network Security
• Cloud Technologies

Role Responsibilities

• Act as a key member of the Information Security Risk Assessment (ISRA) team.
• ISRA is part of the Risk and Compliance Security Office (RCSO) team who ensures the rest of the company is applying security correctly.
• Collaborate with management across departments and business functions to support security initiatives.
• Independently conduct end-to-end Information Security Risk Assessments.
• Evaluate security controls for :
• Critical applications
• Network infrastructure
• Cloud platforms
• Apply industry-standard frameworks such as :
• ISO 27001
• NIST
• Identify and assess :
• Threats and vulnerabilities
• Residual risks
• Gaps in compliance with internal Policies and Standards
• Develop and recommend risk-based remediation plans.
• Promote and manage security strategies and best practices across the enterprise.
• Provide information security assurance to support business operations.
• Demonstrate strong understanding of the IT environment and its influence on business risk.