job summary:
We're looking for an Information Risk Management Analyst. This role on the Information Risk Management team will deliver against an information security/cybersecurity assessment plan that is integrated into a broader risk management program supported by executive management. Our ideal candidate has superb communication skills, as well as analytical and problem-solving skills.
What you will work on:
This role will be working with the Information Risk Management team and performing these key tasks:
- Identify, document and elevate visibility to information risk, where business direction creates potential for exposure to employee, athlete and product sensitive data streams.
- Perform detailed analysis of threats and vulnerabilities in all areas of information security including network security, asset security, security engineering, identity and access management, security operations and software development security. This also includes reviewing key system configurations and complex IT infrastructures (e.g. cloud services).
- Evaluate vendor processes at the point of engagement and ensure sufficient validation of data sharing arrangements and agreements protect sensitive information.
- Perform formal risk assessments on partner and vendor connections and ensure the business objectives align with the type and volume of data used in maintaining a "need to know/use" mindset.
- Become an advocate of Information security procedures, policies, and processes, and standards as a mechanism to enable the business effectively while managing risk appropriately.
- Provide enforcement of security policies, standards and procedures by working cross functionally with Compliance and Governance functions within the Corporate Information Security organization.
- Know the latest information security technologies, trends, standards, and methodologies.
Who you will work with:
This role reports to the Director of Information Risk Management within Corporate Information Security (CIS). You will need to create strong partnerships with business owners, CIS, and various governance and legal functions (e.g. Audit or Privacy).
What you bring:
- Bachelor's degree in Business Information Management, Computer Science or related field, OR relevant experience in lieu of a degree
- Knowledge of information security principles and practices, best practice security architectures, general procedures and guidelines.
- A general understanding of technology use, trends and risks as it applies in a business context and environment.
- Superb communication skills (written and verbal) with comfort and experience in presentation delivery, and proven persuasion skills
- Experience identifying solutions for complex problems in enterprise environments, and proven analytical and problem solving ability
- The ability to appropriately communicate complex security risks to non-technical staff
- Must be trustworthy in keeping sensitive data confidential
location: BEAVERTON, Oregon
job type: Contract
salary: $45.00 - 49.30 per hour
work hours: 8am to 4pm
education: Bachelors
responsibilities:
- Identify, document and elevate visibility to information risk, where business direction creates potential for exposure to employee, athlete and product sensitive data streams.
- Perform detailed analysis of threats and vulnerabilities in all areas of information security including network security, asset security, security engineering, identity and access management, security operations and software development security. This also includes reviewing key system configurations and complex IT infrastructures (e.g. cloud services).
- Evaluate vendor processes at the point of engagement and ensure sufficient validation of data sharing arrangements and agreements protect sensitive information.
- Perform formal risk assessments on partner and vendor connections and ensure the business objectives align with the type and volume of data used in maintaining a "need to know/use" mindset.
- Become an advocate of Information security procedures, policies, and processes, and standards as a mechanism to enable the business effectively while managing risk appropriately.
- Provide enforcement of security policies, standards and procedures by working cross functionally with Compliance and Governance functions within the Corporate Information Security organization.
- Know the latest information security technologies, trends, standards, and methodologies.
qualifications:
- Experience level: Experienced
- Minimum 5 years of experience
- Education: Bachelors
skills:
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact
Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including health, an incentive and recognition program, and 401K contribution (all benefits are based on eligibility).
This posting is open for thirty (30) days.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.