The end client is unable to sponsor or transfer visas for this position; all parties authorized to work in the US without sponsorship are encouraged to apply.
An American Company is seeking a Remote Sr. InfoSec Risk Exceptions Analyst.
The Sr. InfoSec Risk Exceptions Analyst is part of the Information Security Governance, Risk and Compliance team. This position oversees the process that ensures any non-compliance with company expectations has the appropriate risk documented and actions outlined to mitigate and resolve the issue. This position will work with exception owners for complete and timely resolution and provide regular updates to Executive Management on status and outstanding risks.
• Oversee security exception management process, including periodic risk reviews, approvals and reporting.
• Understand information security risks and assess mitigation strategies to confirm alignment with risk appetite.
• Support the development and continued enhancement of security exception management automation and tooling (currently leveraging the ZenGRC tool).
• Lead continuous improvement of security exception management process.
• Lead security exception management working group and participate in cybersecurity and risk working groups as required.
• Leveraging the Risk Management framework, determine the risk level of each exception by assessing the likelihood and impact of the risk introduced to the organization, the mitigating controls to be put in place, and the remediation plans.
• Provide reporting that outlines key elements of the exception and risk to leadership for appropriate review and acceptance.
• Work with all parties to develop recommendations for remediation to bring the situation back into compliance.
• Influence and inform requestors and risk acceptors (up to the VP level) on the impact of the exception request to the organizational security posture.
• Develop reporting to inform Senior Management on the overall risk and status of security exceptions.
• Provide input into other Information Security Risk Management functions to inform ongoing compliance assessment, control testing and policy management processes.
Skills & Requirements
• Solid experience implementing and performing risk assessments and policy compliance monitoring processes.
• Ability to facilitate effectively with cross-functional teams and work collaboratively across organizational lines.
• Capability to apply sound reasoning and judgement when performing risk assessments and to prioritize risks for management attention and appropriate response.
• Ability to produce and maintain accurate reports and other administrative documents pertaining to the position.
• Robust communication skills (both written and oral); able to concisely communicate risk to both technical and business audiences.
Education & Experience
• Bachelor's degree, in a related discipline, or equivalent
• Typically, a minimum of seven years of related work experience.
You will be working with a professional recruiter who has intimate knowledge of the industry and market trends. Your Hays recruiter will lead you through a thorough screening process in order to understand your skills, experience, needs, and drivers. You will also get support on resume writing, interview tips, and career planning, so when there’s a position you really want, you’re fully prepared to get it.
Nervous about an upcoming interview? Unsure how to write a new resume?
Visit the Hays Career Advice section to learn top tips to help you stand out from the crowd when job hunting.
Hays is an Equal Opportunity Employer including disability/veteran.
In accordance with applicable federal and state law protecting qualified individuals with known disabilities, Hays U.S. Corporation will attempt to reasonably accommodate those individuals unless doing so would create an undue hardship on the company. Any qualified applicant or consultant with a disability who requires an accommodation in order to perform the essential functions of the job should call or text 813.336.5570.
Drug testing may be required; please contact a recruiter for more information. #1143232
Contract type
Technology & Internet Services
Data & Advanced Analytics
125,000 - 145,000