-
INFOSEC Risk Analyst
3 weeks ago
The Judge Group Inc. Sacramento, United StatesLocation: Sacramento, CA · Salary: $40.00 USD Hourly - $45.00 USD Hourly · Description: Our client is currently seeking a INFOSEC Risk Analyst · The governance, risk, and compliance (GRC) InfoSec Risk analyst is responsible for supporting the security direction of the busines ...
-
Emergency & Risk Management Analyst
3 weeks ago
California State University Sacramento Sacramento, United StatesEmergency & Risk Management Analyst · Job No: · 534546 · Work Type: · Staff · Location: · Sacramento · Categories: · Unit 9 - CSUEU - Technical Support Services, Administrative, Probationary, Full Time, Safety, On-site (work in-person at business location) · Working Title: ...
-
Insurance and Risk Management Analyst
2 weeks ago
Sedgwick Sacramento, United StatesTaking care of people is at the heart of everything we do, and we start by taking care of you, our valued colleague. A career at Sedgwick means experiencing our culture of caring. It means having flexibility and time for all the things that are important to you. It's an opportuni ...
-
PMO Analyst
2 weeks ago
RADcube Sacramento, United States**PMO Analyst**: · **Type**:Contract | **Location**:Sacramento, California · Role Description: · We are seeking a highly motivated PMO (Project Management Office) Analyst to join our team. · The PMO Analyst will play a pivotal role in supporting project management activities, ens ...
-
IT Business Analyst
3 weeks ago
Sabot Consulting Sacramento, United States**IT Business Analyst - MMIS** · **Location**: Remote · **Salary**: $90-155k · Sabot Consulting is seeking an IT Business Analyst that will play a crucial role in analyzing, designing, and implementing technical solutions to meet our organization's business needs on a MMIS projec ...
-
Investment Support Analyst
3 weeks ago
CalSTRS West Sacramento, United States**CalSTRS is Hiring Are you ready to take your career to the next level?** · The CalSTRS Investments Branch is seeking an experienced individual to work as a Staff Services Analyst on the Global Equity team. · Global Equity is the largest asset class by market value in the total ...
-
Business Analyst
2 weeks ago
Sabot Consulting Sacramento, United States**Business Analyst - DocQNet** · **Location**: Remote · **Salary**: $90-165k · Sabot Consulting is currently seeking a Business Analyst to assist the DFPI with completing the business process documentation and requirements activities associated with Project Approval Lifecycle (PA ...
-
Portfolio Manager, Sustainable Investment
3 weeks ago
CalSTRS West Sacramento, United States**CalSTRS is Hiring Are you ready to take your career to the next level?** · **This position is eligible for incentive compensation and has a maximum incentive opportunity of 125% of base salary.** · The CalSTRS Investments Branch is seeking an experienced individual to work as a ...
-
Staff Services Analyst
3 weeks ago
Employment Development Department Sacramento County, CA, United States**This position is considered "hybrid" with on-site work two days a week at 722 Capitol Mall and telework three days a week, on average, dependent on operational needs. Currently in office days are Tuesday and Wednesday.** · About WSB: · The Workforce Services Branch (WSB) admini ...
-
Staff Services Analyst
2 weeks ago
California Governor's Office of Emergency Services Sacramento County, CA, United StatesAre you looking for an exciting and fast-paced career? Join the California Governor's Office of Emergency Services (Cal OES) and be part of an organization that serves as a leader in emergency management and homeland security through dedicated service to all. We are looking for e ...
-
Investment Officer, Fixed Income
1 week ago
CalSTRS West Sacramento, United States**CalSTRS is Hiring Are you ready to take your career to the next level?** · The CalSTRS Investments Branch is seeking an experienced individual to work as an Investment Officer I on the Fixed Income team. · The Fixed Income Unit is dedicated to maximizing risk-adjusted total ret ...
-
Staff Operations Specialist,
3 weeks ago
Franchise Tax Board Sacramento County, CA, United StatesUnder the general direction of the Administrator II in the Filing Enforcement Section, the Staff Operations Specialist on the Filing Enforcement (FE) Systems Analysis and Support (SAS) team works to promote filing compliance of taxpayers and the success of the FE program. The FE ...
-
Product Manager
3 weeks ago
Rhombus Sacramento, United States**Who We Are** · Rhombus Systems is on a mission to make the world a safer place. For organizations, video security is an essential tool to maintain safe environments, yet today it is one of the most outdated and stagnant pieces of technology. Rhombus Systems changes that with it ...
-
Gartner Sacramento, United States**Description**: · **Who we are**: · Gartner's Consulting business is an **_extension_** **of Gartner's industry-leading IT Research. From CIOs, to leaders in business and government, we help Gartner clients across enterprises translate insights into transformational actions and ...
-
Information Technology Specialist I
3 weeks ago
California Health and Human Services Office of Technology and Solutions Integration Sacramento County, CA, United StatesJob Description and Duties · This position offers an exciting opportunity to participate in delivering a new Comprehensive Child Welfare Information System (CCWIS) with Child Welfare Digital Services (CWDS), a unique collaboration involving the California Health and Human Service ...
-
Risk Management Analyst
3 weeks ago
SAFE Credit Union Folsom, United StatesSalary Range: $89, $111,800.00 · Exact compensation may vary based on skill, experience and location. · POSITION PURPOSE · The Risk & Assurance Analyst within the Enterprise Risk Management (ERM) department plays a pivotal role in supporting Business Continuity Management and ...
-
Risk Management Analyst
3 weeks ago
SAFE Credit Union Folsom, United States· Salary Range: $89, $111,800.00Exact compensation may vary based on skill, experience and location. · POSITION PURPOSE · The Risk & Assurance Analyst within the Enterprise Risk Management (ERM) department plays a pivotal role in supporting Business Continuity Management and I ...
-
Research Data Analyst I
1 week ago
CA State Lottery Sacramento County, CA, United StatesUnder the general direction of the Chief of Financial Analysis and Risk Management, the Research Data Analyst I will perform a variety of research, analytical, and technical tasks to support the Finance Division's initiatives in maximizing profits and managing risk. The Finance D ...
-
Associate Governmental Program Analyst
11 hours ago
Public Employees Retirement System Sacramento County, CA, United States**Anticipated Interview Dates**: We anticipate holding virtual interviews the week of June 3, 2024. · **Telework Information**: This position is eligible for a hybrid work schedule, with up to two days of remote work and three days or more onsite, per week. · Do you have a passio ...
-
Associate Governmental Program Analyst
6 days ago
California Governor's Office of Emergency Services Sacramento County, CA, United StatesAre you looking for an exciting and fast-paced career? Join the California Governor's Office of Emergency Services (Cal OES) and be part of an organization that serves as a leader in emergency management and homeland security through dedicated service to all. We are looking for e ...
InfoSec Risk Analyst - Sacramento, United States - Search Pros Inc
Description
Job Description:
M-F 8am to 5pm // Hybrid in Sacramento CA
The governance, risk, and compliance (GRC) InfoSec Risk analyst is responsible for supporting the security direction of the business and elevating the company's security posture.
The GRC InfoSec Risk analyst is expected to support the security strategy of the business within new and existing information system capabilities.
Consequently, the position requires both an understanding of legacy systems, as well as new technologies and requirements. The GRC InfoSec Risk analyst is also responsible for the analysis and implementation of policies and maintenance.The ideal candidate is technical and possesses at least five years of experience in IT security, compliance, or risk management.
In tandem with IT and security leadership, the GRC InfoSec Risk analyst consistently assesses and validates the assurance of the security program.
As a primary point of contact for internal and external auditors, the GRC InfoSec Risk analyst monitors progress and enforces resolution of outstanding issues that may lead to non-compliance or security threats to the business.
As a key member of the IT GRC team, the GRC security analyst must focus on strong risk management and corporate resiliency, and not be driven solely by compliance.
The position requires a diverse background to understand a variety of systems, including new technologies and legacy systems considered business critical.
TASKS, DUTIES, FUNCTIONS:
1. Conduct enterprise-wide, ongoing risk analysis in tandem with compliance and security.
2. Maintain oversight in a GRC-related platform.
3. Identify strengths and weaknesses in the GRC program as they relate to privacy, security, business resiliency and compliance frameworks.
4.
Document, formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation.
5. Maintain strong oversight of third parties, vendors and business partners to safeguard against undue risk presented by external entities. Escalate to GRC management and business unit leads when points of weakness are discovered.6. Analyze findings, and document, recommend and report program gaps to GRC leadership.
7. Monitor current and proposed security changes impacting regulatory, privacy and security industry best practice guidance. Apply GRC expertise across key lines of business, including products, practices and procedures.
8.
Define qualitative and quantitative metrics to assess the success of the GRC program and provide regular reports to GRC, Security, and business leadership.
9. Ensure security and technology teams maintain up-to-date configuration documentation for systems and processes. Maintain rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts.10. Act as a key participant in incident response to track occurrence and resolution, with strict documentation and reporting.
11.
Work in tandem with security, audit and risk management leadership to perform ongoing security program assessments and create annual strategic technology and budgetary directives.
12. Attend and fully engage in change and project management meetings.13. Liaison with auditors, both internal and external, to maintain and implement controls for compliance and privacy laws.
14.
Act as a point of contact for disaster recovery and business continuity as it relates to security frameworks, compliance and privacy laws.
15. Perform other duties as assigned.1.
At least five plus years' experience in cyber security as a practitioner and with at least two to three plus years exposure with various security frameworks.
2.Strong business acumen and security technology skills for well-rounded proficiency, as well as proven ability to align with security practices and compliance responsibilities.
3.Experience and understanding of various regulatory requirements and laws, including but not limited to PCI, SOX, HIPAA, GDPR and GLBA.
Additional experience in one or more of the following:ISO 27001/2, ITIL or NIST.
4.
Exceptional written and verbal communication skills, and proven ability to translate security and risk to all levels of the business.
5. Capacity to understand legacy and progressive technology and security controls along with respective risk. Working knowledge of technologies such as cloud computing, DevOps and application security is required.6. Up-to-date understanding of a wide range of incident response, system configuration, vulnerability management and hardening guidelines.
7.
Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
8. Proven project leadership with both legacy and emerging technologies to assess and manage business risk and enforce security controls.9. Prior team leadership experience preferred.
10. Must be self-directed, able to work on own initiative.
11. Ability to work under pressure and tight deadlines; may be required to work extended hours to complete tasks.
EDUCATION:
Bachelor's degree in Business Administration, Accounting, Management Information Systems or Computer Science is strongly preferred. Advanced Degree in Business Administration or other related area is preferred.
EXPERIENCE:
Minimum five years' experience in cyber security as a practitioner and with at least two to three plus years exposure with various security frameworks, experience in a technology risk, security, or compliance role preferably in a financial institution.
Detailed understanding of risk management and controls assurance. Strong understanding of information security controls and standards such as ISO 27001/2, NIST, CSF, and related frameworks.Thorough understanding of various regulatory requirements and laws such as, but not limited to PCI, SOX, HIPAA, HITRUST, GDPR and GLBA.
Experience in a role balanced between business stakeholders and a central technology service organization. Certifications, such as CISSP, CRISC, CISA, CIPP, CISM, are well regarded.LICENSES / CERTIFICATIONS:
Holds or is working toward one or more of the following: CISSP, CRISC, CGEIT or GRCP.
Project Management Professional (PMP) and (PfMP) certifications from the Project Management Institute (PMI) or Certified Business Analyst Professional (CBAP) from the International Institute of Business Analysis (IIBA) preferable, but not required.