Security Analyst II (GRC/Audit) - PAPL4594

19 May 2019
30 May 2019
Job role
Contract type
Full time
Infogroup is looking for top talent to join our dynamic and innovative team. We are currently seeking a Security Analyst II to join our Papillion, NE, Dallas, TX, or Burlington, MA?office.The Security Analyst II position will perform control assessments on third party control environments, including infrastructure/application stacks and other technologies. In addition will provide thought leadership on all aspects of third party assessments, including construction of control language, documentation standards, quality and future product enhancements.

Essential Job Functions:?

1. Conduct assessments of third parties and present to executive level Infogroup personnel and those of third party providers.

2. Implement the IT governance, risk and compliance management program under the direction of the Director of Information Security. Manage compliance efforts with applicable regulatory and legal requirements.

3. Conduct internal/external risk assessments and risk analysis reporting to internal and external stakeholders.

4. Collaborate with business teams across the global organization to develop and execute the Information Security Risk Compliance and Risk Management program framework, extending processes as necessary to help company identify information risk and manage mitigation to an acceptable level.

5. Input data on clients and vendors into the GRC system and work with legal, information technology, information security and the overall company to leverage the GRC system to enhance business processes to reduce risks.

6. Identify and work with respective owners for the mitigation of risk for IT processes which are not compliant with information security and risk frameworks or legal/regulatory requirements.

7. Review and evaluate completed questionnaire(s) and supporting materials provided by suppliers to ensure completeness and alignment with Infogroup control requirements.

8. Provide input into all aspects of the risk assessment process and lead assessments of suppliers, providing the overall technical, risk and security expertise, conduct onsite reviews if applicable.

9. Identify opportunities for process improvements to deliver increasing operational efficiency in processes related to assessment

10. Monitor and manage issues and risk register to ensure risks are accurately represented and actively managed.

11. Prepare management reports and assists with project management responsibilities within the Information Security organization.

12. Work closely with global business, contract and legal teams to assess proposed terms and conditions, align with appropriate risk profile and provide feedback on changes needed.

13. Identify trends and early indicators regarding issues and report to management.

14. Prepare and manages project plans, including work breakdown, obtaining resources, collaboratively resolving escalated issues, and monitoring schedules to achieve timely deliverables, on–budget.

Knowledge, Skill, and Abilities:

1. Solid understanding of Governance, Risk and Compliance programs and methodologies of identifying, managing and mitigating risks.

2. Skills to engage third party providers to fosters collaboration, information sharing and trust.

3. Capable of operating an independent QC function

4. Proficient verbal and written communication skills, including the ability to independently and effectively participate in strategic collaborations with peers and present to senior management.

5. Sound knowledge of Risk and Controls practices

6. Technical or business knowledge of Third Party Risk management practices, products and services is an advantage

7. Proven ability identifying issues/defects and recommend solutions.

8. Excellent written and verbal communication skills.

9. Proven analytical skills.

Education, Experience, and Certification:

1. Bachelor's degree or equivalent experience

2. 3–5 years of relevant professional experience in Technology Risk Management, Internal and/or External Audit

3. Professional certification(s) (CIA, CISA, CISSP, CTPRP or equivalent experience) is (are) a plus

4. Experience performing technical risk and control assessments to validate evidence of security control requirements.

We're revolutionizing the way companies connect with their customers and grow their businesses. Find out how you can join the movement at? . Please reference requisition number?PAPL4594.

Infogroup is a leading provider of data and data–driven marketing solutions. Infogroup provides data, technology and services that help marketers acquire new customers and maximize the value of existing relationships. The company's data and marketing solutions help clients of all sizes, from local SMBs to FORTUNE 100? enterprises, increase sales and customer loyalty. Infogroup provides both digital and traditional marketing channel expertise that is enhanced by access to our proprietary data on 280 million individuals and 24 million businesses. For more information, visit? .

At Infogroup, our employees are directly responsible for our success. We strongly believe in rewarding employees for their initiative, teamwork and leadership. Every day, we expect our employees to ask questions, demand better solutions and challenge one another to succeed. We are constantly looking for candidates who are not only qualified and knowledgeable, but also have the drive to grow professionally. We hire dynamic individuals in variety of fields such as information technology, account management and client services, sales, marketing, administration and human resources.

Affirmative Action/EEO Policy

At Infogroup, we are committed to attracting, retaining and engaging employees from all walks of life. Diversity is an important part of our values and business operations. We are dedicated to creating an inclusive environment that promotes professional development for everyone. As part of that commitment, Infogroup does not discriminate on the basis of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, marital status, status with regard to public assistance, status as a disabled veteran and/or Veteran of the Vietnam Era or any other characteristic protected by federal, state or local law. All qualified applicants will receive consideration for employment. In addition, Infogroup will provide reasonable accommodation for otherwise qualified disabled individuals.

Similar jobs

Similar jobs