Job Title: Security Analyst III – Information Risk Management
Location: Madison WI
Position Information
Under the general guidance of the Chief Information Security Officer (CISO) and in cooperation with the Security Team Lead, this position is responsible for providing advanced security policy analysis. The role includes developing and maintaining information security policies and workforce training and awareness, serving as a resource for staff and leaders regarding information security policy implementation, interpretation, and compliance, and potentially leading projects to implement new security controls. Daily, weekly, and monthly duties involve operating security control systems and monitoring compliance with security policies and procedures.
Required Skills
Java Development: 3+ years of experience in Java programming, focusing on security-related applications and systems.
IT Security: 3+ years of experience in IT security, including knowledge of security protocols, encryption, and vulnerability management.
IT Professional: 5+ years of experience in the IT industry with a strong understanding of network security, system architecture, and software development.
Vendor Security Offerings: 3+ years of experience in evaluating or implementing vendor security solutions and integrating them into existing systems.
Attention to Detail: Strong attention to detail to ensure the accuracy and reliability of security policies and procedures.
Communication Skills: Excellent written and verbal communication skills to effectively communicate security policies, risks, and procedures to various stakeholders.
Preferred
Certifications: CISSP or equivalent certification – 1 year
Regular Duties
Information Security Risk Assessment: Identify, analyze, evaluate, and document information security risks and controls based on established risk criteria.
Risk Management: Measure, monitor, and manage risks related to the use of Information Technology, Information Security, Privacy, Regulatory Compliance, and Governance. Ensure and monitor compliance with industry and government rules and regulations at all levels.
Control Implementation: Assist the security team in conducting gap analyses and implementing frameworks and standards such as ISO 27001, NIST, and CSC. Engage with stakeholders to identify issues, understand their needs and challenges, and proactively find ways the program can support those needs.
Coordination: Provide coordination to the GRC team by setting goals, objectives, and performance metrics, and ensuring that the team is aligned with the organization’s mission. Develop strategies to improve the effectiveness of the GRC program.
Tekhire Solutions is a world-class technology focused on customer-driven solutions and has a deep dive knowledge of client requirements. Tekhire is best in connecting a bridge between highly skilled workers and the Fortune 500. Always thrives to be up with the technology trends, Innovation and transforms our trusted clients with certified and enterprise solutions that makes difference in the business.
