Information Security Risk Analyst


Premium Job From Harvey Nash

Recruiter

Harvey Nash

Listed on

8th June 2015

Location

Edinburgh

Salary/Rate

£65000 - £75000

Type

Permanent

This job has now expired please search on the home page to find live IT Jobs.

Information Security Risk Analyst

Job Description

*Collaborate with supplier relationship managers to help document the inherent risks in certain third party relationship and the controls in place to ensure a secure and compliant engagement

*Be responsible for reviewing security controls and/or regulatory compliance measures present at high and critical-rated Third Party Providers

*Develop reports to help management, business line management and other risk-related stakeholders understand the status of on-going assessments, the actions required to remediate risks, and the risk posture of certain business units as it relates to vendors

*Collaborate with Legal and Procurement groups to ensure that contracts with third parties reflect an appropriate level of control for IT/security risks.

Qualifications/Skills

*Experience of IT Audit or Information Security experience, particularly in a role related to third party risk assessment

*Familiarity in reviewing SSAE16 and other independent reports, and a strong knowledge of applicable federal and state privacy/security laws and accreditation standards

*Proven ability to translate complex regulations (ISO, SOX, NIST, UK PRA, EU Data Directive, HIPAA, and PCI, etc.) into clear, easily understood action plans

*Effective written and oral communication skills

*Strong negotiation skills

*Ability to train others in security concepts

*Ability to synthesize data about information risks to identify hidden trends and themes, and to communicate this information to internal stakeholders

*Industry certification a plus (CISSP, CISA or CISM, etc.)

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below: