Information Security Risk Governance Analyst - Pelham Berkeley Search

High Profile Bank in Manhattan seeks an Information Security Risk Governance Analyst.

Tremendous full-time direct hire career opportunity with International Organization that offers a great work environment, interesting projects and competitive compensation (130-140K+ bonus).

In summary you will:

• Develop and manage information and cyber security related activities and projects in a key leadership role as you will be the second most senior individual in the information security risk group.
• Act as an Information Security subject-matter-expert to support and assist with providing guidance to Senior Management on information and cyber security issues.
• Review and propose practical changes to potential and existing Information Security policies, procedures, practices, and guidelines to ensure regulatory compliance.
• Coordinate and manage the employee information security awareness training program.
• Assess and evaluate Information Risks by conducting annual risk assessment, vulnerability Assessments and special risk assessments for new information risk related processes and trend analysis of key information risk measurements.
• Work with IT and coordinate any incident response to cyber security events.
• Review vendor service level agreements and contracts to provide guidance on information and cyber security protective controls and countermeasures.
• Develop and maintain information risk Key Risk Indicators (KRI's).
• Perform key Information Risk Governance related tasks including provides user access control management oversight; monitors, analyzes, and follows-up on Information Risk events/issues;
• Review information risk and advise on IT Projects/Issues Management process, Change Management Process, Significant changes to IT procedures, IT Asset Management Report, Key IT Vendor Contracts, IT Disaster Recovery Plan/Process, Record Retention Process, and Internal or external audit findings.

Requirements include:

• 5+ years of related Information Risk Governance experience with extensive Information Security / IT Audit.
• Information security certification (CISSP)
• Strong understanding of Information Risk assessment concepts and principles as they relate to risk tolerance and business risk exposure.
• Financial industry experience and understanding of financial industry structure and concepts.
• Completed Bachelor's degree.
• Knowledge and expertise in Risk Assessment and Risk Analysis.
• In-depth knowledge of Information Technology and ability to analyze and design Information Security monitoring process.

information security, risk governance, cisspinformation security, risk governance, cissp