Sr. Information Risk Analyst

AltaStaff - Rancho Cordova, CA (30+ days ago)3.8


Position Purpose: Design, implement and monitor IT controls for core applications and systems. Analyze IT data to assess risk and improve processes and efficiency.

  • Design, monitor and evaluate controls for effectiveness and efficiency to mitigate areas of risks
  • Prepare and document standard procedures and protocols.
  • Assess application risks, system risks and data processes within IT and address risks with applicable general controls and recommend solutions
  • Utilize qualitative analysis to assess risk and translate to quantitative ouputs
  • Review and prepare scheduled risk assessment reports from both internal and external requests
  • Recommend application and system level controls in adherence to best security practices
  • Complete optimization reviews and prepare risk reports associated with the completion of scheduled assessments
  • Identify key controls and coordinate appropriate measurement efforts for process improvement
  • Lead and assist others with designing the IT environment to conform to relevant industry standards, such as ISO 27001, HIPAA, Sarbanes-Oxley, PCI-DSS and other related state requirements
  • Lead and assist others with implementation of department strategy related information systems and technology architecture
  • Educate and train employees in the fundamentals of Security Risk Management
  • Establish new or improved methods design patterns and standards to solve moderate problems
  • Provide support, direction and guidance to project team membersQualifications:

Education/Experience: Bachelor's degree in IT, MIS, Accounting, Finance, Business Administration, related field or equivalent experience. 4+ years of combined auditing and IT controls design experience. Knowledge of IT systems and processes and experience evaluating internal technical control systems required.

Licenses/Certifications: CISSP, CRISC, CISA, or CISM preferred

Job Type: Full-time

Salary: $115,000.00 /year

Experience:

  • combined auditing and IT controls design: 4 years

Education:

  • Bachelor's

License:

  • CISSP, CRISC, CISA, or CISM