This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Sutton Bank - Columbus, OH
posted 2 months ago
About the position
The Information Security Risk Analyst serves as a crucial liaison between the Information Security Office and various department executives. This role is responsible for identifying and testing existing controls, understanding where controls need to be within processes, and ensuring compliance with technology frameworks and applicable regulations such as ISO, NIST, FFIEC, and FDIC. Key functions include conducting gap analysis, project tracking, and executive reporting, making this position vital for maintaining the organization's information security posture.
Responsibilities
- Analyze, assess and document business requirements clearly to support the business.
- Identify controls or opportunities based on technical frameworks (i.e., ISO, NIST, etc.).
- Catalogue, test, and monitor controls.
- Create and perform gap analysis and provide strategies to implement and mitigate identified risks.
- Define business architecture and functional design.
- Manage projects, develop project plans, and monitor performance.
- Monitor deliverables and ensure timely completion of projects.
- Conduct meetings and presentations to share ideas and findings.
- Conduct functional walk-throughs with various stakeholders.
- Analyze system impacts to other systems and procedures.
- Participate in training personnel on enhancements and new systems or procedures.
- Create executive reporting and strategy documents.
Requirements
- Bachelor's Degree in information systems or related field or equivalent combination of education and experience/training.
- Three years of combined experience in requirements development, operations analysis, business management consulting, project management, testing controls, or enterprise risk management.
- Excellent verbal and written communications at both business and deep technical levels.
- Advanced knowledge of multiple end-to-end systems development life cycles.
- Strong understanding of and experience with process improvement and process mapping.
- Strong understanding and experience with creating complex process flows with control points via Visio Pro.
- Strong understanding of ISO, NIST, FFIEC, and other control frameworks.
- Strong understanding and experience of enterprise risk management.
- Strong leadership skills, dependable, curious, matrix-oriented, a visionary, solution-oriented, delivers exemplary customer service and quality focused.
- Excellent interpersonal skills.
- Strong knowledge of the business area that is being supported.
- Self-directed and motivated.
- Ability to manage multiple tasks.
- Excellent problem-solving skills.
- Technical writing skills.
Nice-to-haves
- Understanding of the FinTech industry.
