Sign up menu

Information Security Analyst II

Advisor Group Atlanta, GA
Apply

Information Technology Opportunity in Enterprise Technology Services

Risk Analyst II


Location(s):      12325 Port Grace Blvd, La Vista, NE 68128

Role Type:        Full time (Hybrid/Remote)

Summary:

The Governance Risk and Compliance Department of Advisor Group provide independent and objective assessments to determine if all significant risks are identified and appropriately reported by management and evaluate whether risks are adequately controlled.

The Governance Risk and Compliance Department is seeking a Risk Analyst II with advanced Information Technology Audit and Vendor Risk Management experience.  This position will work with business areas throughout the firm to identify and manage Information Security and Information Technology Risks.  This position will also perform Vendor Risk Management duties that will include but are not limited to reviewing vendors from a security perspective when onboarding a vendor and re-assessing the vendor on an annual basis.  Our ideal candidate would provide regulatory guidance and conduct continuous risk assessments, emphasizing NIST controls. 

Responsibilities:

  • Proactively identify and communicate current and emerging risks with appropriate business and leaders.
  • Influence and negotiate appropriate actions to mitigate or prevent failures related to identified risks.
  • Liaise with Information Technology on gathering data to support the quantification of various emerging risk scenarios.
  • Perform IT and IS Risk assessments against Advisor Group's Unified Control Framework.
  • Analyze data to better understand potential risks, concerns, and outcomes of decisions.
  • Aggregate data from multiple sources to provide a comprehensive assessment.
  • Create reports, summaries, presentations, and process documents to display results.
  • Collaborate with other team members and external and internal auditors to effectively analyze and present data.
  • Develop systems and processes for gathering and storing data for future analytic projects.
  • As needed, assist with special projects related to Risk Management or internal team needs.
  • Ability to travel 5% to 10%.

Education Requirements:

  • Bachelor's Degree in information security, information technology, information security assurance, or related field is preferred; H.S. Diploma or GED certificate + Significant Practical Experience will be considered

Basic Requirements:

  • 3 - 5 years of experience as a Risk Analyst in a similar company or related field.
  • A deep understanding of Information Technology (i.e., Active Directory, Firewalls, Routers, Infrastructure, Databases, Logging, Monitoring, Change Management, Segregation of Duties, Cybersecurity, Physical Security, IT operations, Network Security, and Cloud Computing).
  • A deep understanding of Data Center operations, security, and risk assessments.
  • Demonstrated ability to prioritize tasks and meet daily deadlines for projects.
  • Detail oriented.
  • Proficiency in Microsoft Excel, Access, Visio, and other analysis programs.
  • Ability to manage multiple projects and programs simultaneously to complete work.
  • Critical thinking skills with the ability to independently solve problems with data.
  • Presentation skills, including public speaking and presentation creation using PowerPoint or a similar program.
  • CISSP or CISA certifications are strongly preferred.  Other relevant certificates will be considered.
  • Understanding risks and internal controls and the ability to evaluate and determine the adequacy and effectiveness of controls.
  • Experience with NIST Risk Framework.
  • Experience required with FINRA, FFIEC, PCI, CCPA, NYDFS regulatory requirements.
  • Excellent analytical skills, including the ability to anticipate issues and design appropriate solutions.
  • Strong verbal and written communication skills with a shown ability to articulate effectively and authoritatively.

Preferred Requirements:

  • 5+ years of experience as a Risk Analyst in a similar company or related field.
  • Experience required with FINRA, FFIEC, PCI, CCPA, NYDFS regulatory requirements.
  • Excellent analytical skills, including the ability to anticipate issues and design appropriate solutions.
  • Experience in building technical risk assessment or security assurance programs.
Date Posted June 11, 2022
Date Closes July 11, 2022
Requisition R0002820
Address 2300 Windy Ridge Pkwy #750
Located In Atlanta, GA
Work At Atlanta
SOC Category 00-0000.00
Apply

Similar Jobs

icon
05 July ( Today )

Grounds Maintenance Specialist

icon
05 July ( Today )

Staff Psychologist

icon
05 July ( Today )

Clinician