Jobs
>
Montpelier

    Security Risk Analyst - Montpelier, United States - The College Board

    The College Board
    The College Board Montpelier, United States

    1 week ago

    Default job background
    Description
    This job was posted by : For more information, please see: Risk Analyst

    College Board - Risk Management

    Location This is a fully remote role.

    Candidates who live near CB offices have the option of being fully remote or hybrid (Tuesday and Wednesday in office).


    Type:
    This is a full-time position

    About the Team


    The Information Security Governance Risk and Compliance (ISGRC) team at the College Board checks and certifies the College Board\'s Information Security Programs.

    Our mission is to provide our stakeholders with meaningful insights that continuously improve the risk posture across the organization.


    ISGRC partners work with business leads to perform necessary security reviews of policies, systems, contracts, and vendors to better understand and manage risk.

    The team also manages security policies, security awareness training, and industry-recognized certifications (ISO 27001, SOC2 and PCI-DSS).

    About the Opportunity


    As a Security Risk Analyst, you will have the critical role of being responsible for evaluating and managing exceptions to IT security policies, for managing the Organization\'s Risk and Control Issues Register (Risk Register), and for developing reports and metrics.


    Your strong technical communication and negotiation skills will help you build relationships and collaborate with diverse stakeholders and reduce risk to the organization and ensure compliance.


    Under the direction of management, you will manage the Risk Register and perform security policy exceptions to help the College Board understand its critical risks.


    In this role you will:
    Manage the Risk Register (20%)

    Leads the management of the issues and risks and quickly escalates any untimely completion of audit actions.

    Works independently to communicate risks and works with others to problem-solve risks to tolerance levels based on data and evidence.

    Maintains data quality of Risk Register and executes any required data clean-up exercises.

    {=html} - Understands College Board work to be able to drive Risk or Control Owners to ensure consistent application of policies and standards. - Raises awareness about Risk & Control Issues, Policy exceptions, and available risk reduction options. - Fosters a culture of risk awareness and compliance within the technology department and across the organization.

    Manage Policy Exceptions (65%)


    Independently analyzes policy exception submissions and provide risk assessment reports for critical service lines, applications, and infrastructure hosted on-prem and in the cloud.

    Evaluates and manage exceptions to IT security policies.
    Manages materials for the Exception Review Board and present exception information to executive leadership and senior team members.
    Maintains an up-to-date knowledge and understanding of IT security policies and principles.
    Maintains a customer-focused attitude in all interactions with customers and colleagues.

    Manage Metrics and Reporting (15%)

    Provides weekly and monthly reporting for the Risk Register and policy exceptions.
    Produces trending metrics and escalate exceptions.
    Performs other duties as assigned.

    About You

    5-7 years of experience managing or supporting IT Security Risk and Control Risk Register and processing policy exceptions.
    Strong understanding of risk management techniques such as: risk identification, risk scoring, risk mitigation, and risk tracking.

    The proven ability to lead conversations balancing risk and multiple business needs that result in positive outcomes with multiple stakeholders.

    The capacity to assess risk information and make risk recommendations independently.

    Strong organization and priori ization skills and the proven ability to manage multiple tasks simultaneously, both independently and as a member of the team.

    7-10 years of experience in information security; governance, risk, and compliance; and/or information technology projects.

    {=html} - Excellent verbal and written communication skills. - Experience with governance, risk, and compliance tools (e.g., RSAM, RSA Archer) preferred. - Experience with information security and privacy frameworks such as ISO 27001, COBIT, NIST-CSF, NIST 800-53, GDPR etc. - Current Information Security Certification (e.g., CISSP, CRISC, CISM, CISA, or related security certification) preferred or the ability to attain one within 6 months of hire. - Bachelor\'s degree in computer science, cybersecurity, engineering, IT management or four years equivalent IT and security industry experience. - For remote positions, ability to travel 4 times a year to our Reston, VA office. - Authorization to work for any employer in the USA

    About Our Proce
  • National Life Group

    Market Risk Analyst, Enterprise Risk Management

    1 week ago

    National Life Group Montpelier, United States Full time

    Market Risk Analyst, Enterprise Risk ManagmentThis position will support the identification, measurement, and monitoring of the financial risks of the company. This person will play a key role in quantifying our capital market risks and thus in shaping how risk-based decisions ar ...

  • EventVest

    Junior Pricing Analyst

    1 week ago

    EventVest South Windsor, United States

    Prolific 1 is the largest ticketing distribution company in the United States with millions of tickets sold each year. Join our team of results-driven professionals with a passion for live entertainment If you enjoy sports, music, or theatre and would like to incorporate that int ...

  • EventVest

    Junior Pricing Analyst- Sports

    1 week ago

    EventVest South Windsor, United States

    Prolific 1 is the largest ticketing distribution company in the United States with millions of tickets sold each year. Join our team of results-driven professionals with a passion for live entertainment If you enjoy sports, music, or theatre and would like to incorporate that int ...

  • National Life Group

    Retirement Benefits Specialist

    1 day ago

    National Life Group Montpelier, United States

    Retirement Benefits Analyst · Position Overview: · We are seeking a highly proficient Retirement Benefits Specialist to join our team. The Retirement Benefits Specialist will be pivotal in supporting the administration of our retirement benefits programs, ensuring they remain com ...

  • GovCIO

    Cyber Security Specialist

    1 week ago

    GovCIO Montpelier, United States

    GovCIOCyber Security Specialist (Remote)Montpelier ,VermontApply NowGovCIO is currently hiring for a Cyber Security Specialist With a focus on Risk Management and Network Security, you will collaborate with developers and designers to provide the best value to our customers. You ...

  • State of Vermont

    Public health analyst

    1 week ago

    State of Vermont Montpelier, United States

    Full job description · Overview · The Vermont Department of Health (VDH) is excited to hire a Public Health Analyst III (PHA III) in the Research Epidemiology and Evaluation Unit (REE) of the Division of Health Statistics and Informatics (HSI). This position combines team lead ...

  • National Life Group

    Business Development Analyst

    5 days ago

    National Life Group Montpelier, United States

    The Company · For 175 years, National Life Group ("NLG") has aimed to keep their promises to provide families stability in good times and in bad. And throughout that history, they have provided peace of mind to those families as they plan their futures. · As a mission-driven bu ...

  • Oracle

    Offensive Security Engineer, 3

    1 week ago

    Oracle Montpelier, United States

    Job Description · The Oracle Cloud Infrastructure (OCI) Offensive Security team provides OCI with the capabilities to ensure our systems and services meet the security objectives we communicate to customers. The Offensive Security group performs security assessments, vulnerabilit ...

  • Kansas Action for Children

    Technical Project Manager, Data Science

    1 week ago

    Kansas Action for Children Montpelier, United States

    at CrowdStrike, Inc. in Topeka, Kansas, United States · Job Description CrowdStrike, Inc. · at CrowdStrike, Inc. in Topeka, Kansas, United States · Job Description CrowdStrike, Inc. · Full time · Posted 19 Days Ago · R16069 · #WeAreCrowdStrike and our mission is to stop brea ...

  • Hatchit Co

    Jr. Data Analyst

    1 day ago

    Hatchit Co Montpelier, United States

    Thank you for your interest in joining the JDSAT team. hatch I.T. is facilitating the recruitment process, so please continue your application here for the Jr. Data Analyst All openings are full-time with JDSAT. · Who is JDSAT? Were not a data solutions firm. Were a boutique tech ...

  • Hatchit Co

    Jr. Data Analyst

    1 day ago

    Hatchit Co Montpelier, United States

    Thank you for your interest in joining the JDSAT team. hatch I.T. is facilitating the recruitment process, so please continue your application here for the · If you are considering sending an application, make sure to hit the apply button below after reading through the entire d ...

  • National Life Group

    Business Development Analyst

    1 week ago

    National Life Group Montpelier, United States

    The CompanyFor 175 years, National Life Group ("NLG") has aimed to keep their promises to provide families stability in good times and in bad. And throughout that history, they have provided peace of mind to those families as they plan their futures.As a mission-driven business, ...

  • National Life Group

    Retirement Benefits Specialist

    1 week ago

    National Life Group Montpelier, United States

    Retirement Benefits Analyst · Position Overview: · We are seeking a highly proficient Retirement Benefits Specialist to join our team. The Retirement Benefits Specialist will be pivotal in supporting the administration of our retirement benefits programs, ensuring they remain c ...

  • State of Vermont

    Business Support Analyst

    4 days ago

    State of Vermont Montpelier, United States

    Overview Are you interested in coordinating large IT projects with multiple stakeholders? Do you have a passion for improving the user experience of government services? We are seeking candidates with strong communication skills and a commitment to process improvement to join our ...

  • State of Vermont

    Business Support Analyst

    3 days ago

    State of Vermont Montpelier, United States

    Overview · Are you interested in coordinating large IT projects with multiple stakeholders? Do you have a passion for improving the user experience of government services? We are seeking candidates with strong communication skills and a commitment to process improvement to join ...

  • Public Consulting Group

    HR Project Manager

    2 weeks ago

    Public Consulting Group Montpelier, United States

    Overview · About Public Consulting Group · Public Consulting Group LLC (PCG) is a leading public sector solutions implementation and operations improvement firm that partners with health, education, and human services agencies to improve lives. Founded in 1986, PCG employs appr ...

  • Cardinal Health

    Engineer, Cyber Security Operations

    1 week ago

    Cardinal Health Montpelier, United States

    Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly ...

  • Hatchit Co

    Language Data Analyst

    1 day ago

    Hatchit Co Montpelier, VT, United States

    T. is facilitating the recruitment process, so please continue your application here for the · Data Analyst All openings are full-time with JDSAT. · We're not a data solutions firm. We're a boutique technology company that excels in developing solutions, identifying risks, and ...

  • Hatchit Co

    Jr. Data Analyst

    1 day ago

    Hatchit Co Montpelier, VT, United States

    Thank you for your interest in joining the JDSAT team. hatch I.T. is facilitating the recruitment process, so please continue your application here for the Jr. Data Analyst All openings are full-time with JDSAT. Who is JDSAT? We're not a data solutions firm. We're a boutique tec ...

  • Under Armour

    Professional, Field Test Analyst

    9 hours ago

    Under Armour East Montpelier, United States

    Professional, Field Test Analyst · Date: May 17, 2024 · Location: Remote, US · Company: Under Armour · Values & Innovation · At Under Armour, we are committed to empowering those who strive for more, and the company's values - Act Sustainably, Celebrate the Wins, Fight on Togethe ...