Jobs
>
Springfield

    Security Risk Analyst - Springfield, United States - The College Board

    The College Board
    The College Board Springfield, United States

    6 days ago

    Default job background
    Description
    This job was posted by : For more information, please see: Risk Analyst

    College Board - Risk Management

    Location This is a fully remote role.

    Candidates who live near CB offices have the option of being fully remote or hybrid (Tuesday and Wednesday in office).


    Type:
    This is a full-time position

    About the Team


    The Information Security Governance Risk and Compliance (ISGRC) team at the College Board checks and certifies the College Board\'s Information Security Programs.

    Our mission is to provide our stakeholders with meaningful insights that continuously improve the risk posture across the organization.


    ISGRC partners work with business leads to perform necessary security reviews of policies, systems, contracts, and vendors to better understand and manage risk.

    The team also manages security policies, security awareness training, and industry-recognized certifications (ISO 27001, SOC2 and PCI-DSS).

    About the Opportunity


    As a Security Risk Analyst, you will have the critical role of being responsible for evaluating and managing exceptions to IT security policies, for managing the Organization\'s Risk and Control Issues Register (Risk Register), and for developing reports and metrics.


    Your strong technical communication and negotiation skills will help you build relationships and collaborate with diverse stakeholders and reduce risk to the organization and ensure compliance.


    Under the direction of management, you will manage the Risk Register and perform security policy exceptions to help the College Board understand its critical risks.


    In this role you will:
    Manage the Risk Register (20%)

    Leads the management of the issues and risks and quickly escalates any untimely completion of audit actions.

    Works independently to communicate risks and works with others to problem-solve risks to tolerance levels based on data and evidence.

    Maintains data quality of Risk Register and executes any required data clean-up exercises.

    {=html} - Understands College Board work to be able to drive Risk or Control Owners to ensure consistent application of policies and standards. - Raises awareness about Risk & Control Issues, Policy exceptions, and available risk reduction options. - Fosters a culture of risk awareness and compliance within the technology department and across the organization.

    Manage Policy Exceptions (65%)


    Independently analyzes policy exception submissions and provide risk assessment reports for critical service lines, applications, and infrastructure hosted on-prem and in the cloud.

    Evaluates and manage exceptions to IT security policies.
    Manages materials for the Exception Review Board and present exception information to executive leadership and senior team members.
    Maintains an up-to-date knowledge and understanding of IT security policies and principles.
    Maintains a customer-focused attitude in all interactions with customers and colleagues.

    Manage Metrics and Reporting (15%)

    Provides weekly and monthly reporting for the Risk Register and policy exceptions.
    Produces trending metrics and escalate exceptions.
    Performs other duties as assigned.

    About You

    5-7 years of experience managing or supporting IT Security Risk and Control Risk Register and processing policy exceptions.
    Strong understanding of risk management techniques such as: risk identification, risk scoring, risk mitigation, and risk tracking.

    The proven ability to lead conversations balancing risk and multiple business needs that result in positive outcomes with multiple stakeholders.

    The capacity to assess risk information and make risk recommendations independently.

    Strong organizati n and prioritization skills and the proven ability to manage multiple tasks simultaneously, both independently and as a member of the team.

    7-10 years of experience in information security; governance, risk, and compliance; and/or information technology projects.

    {=html} - Excellent verbal and written communication skills. - Experience with governance, risk, and compliance tools (e.g., RSAM, RSA Archer) preferred. - Experience with information security and privacy frameworks such as ISO 27001, COBIT, NIST-CSF, NIST 800-53, GDPR etc. - Current Information Security Certification (e.g., CISSP, CRISC, CISM, CISA, or related security certification) preferred or the ability to attain one within 6 months of hire. - Bachelor\'s degree in computer science, cybersecurity, engineering, IT management or four years equivalent IT and security industry experience. - For remote positions, ability to travel 4 times a year to our Reston, VA office. - Authorization to work for any employer in the USA

    Ab
  • Associated Electric Cooperative

    Risk Analyst

    1 week ago

    Associated Electric Cooperative Springfield, United States

    Discover a POWERful career at Associated Electric Our organization offers challenging and rewarding work with career development and internal mobility opportunities - all within a family friendly and community centric culture. Our purpose is simple - to provide safe, reliable and ...

  • Associated Electric Cooperative

    Risk Analyst

    2 days ago

    Associated Electric Cooperative Springfield, United States

    Discover a POWERful career at Associated Electric Our organization offers challenging and rewarding work with career development and internal mobility opportunities - all within a family friendly and community centric culture. Our purpose is simple - to provide safe, reliable and ...

  • Associated Electric Cooperative

    Risk Analyst

    2 weeks ago

    Associated Electric Cooperative Springfield, United States

    Discover a POWERful career at Associated Electric Our organization offers challenging and rewarding work with career development and internal mobility opportunities - all within a family friendly and community centric culture. Our purpose is simple - to provide safe, reliable and ...

  • Hybrid Pathways

    3rd Party Risk Management Cyber Security Purple Team Analyst

    1 week ago

    Hybrid Pathways Springfield, United States

    Job Description · Job DescriptionAbout the opportunity: · Hybrid Pathways is seeking a highly skilled and motivated Third-Party Risk Management Cyber Security Purple Team Analyst to join a dynamic team. As a Third-Party Risk Management Purple Team Analyst, you will play a crucial ...

  • US National Geospatial-Intelligence Agency

    Counterintelligence Analyst

    1 week ago

    US National Geospatial-Intelligence Agency Springfield, United States

    **Duties**: · An NGA CI Analyst conducts all-source intelligence analyses to provide customers with an enhanced understanding of the foreign intelligence entity (FIE) threat to NGA personnel, facilities, programs, and technologies, and support counterintelligence activities inclu ...

  • CoxHealth

    Cyber Security Analyst

    3 days ago

    CoxHealth Springfield, United States Full time

    Summary · 5x Modern Healthcare Best Places to work America's Greatest Workplaces 2023 – Newsweek Best Employers for New Grads 2023- Forbes Greatest Workplace for Women Newsweek · Robust, fully customizable benefits package including Medical/Vision/Dental and more No cost eCare ...

  • V2X

    Insider Threat Analyst

    6 days ago

    V2X Springfield, United States

    Overview · This role is in support of an exciting new effort and is contingent upon contract award. · ResponsibilitiesInsider Threat Analysts conduct threat analysis, provide assessments of threats and vulnerabilities, produce investigative leads, uncover policy violations, asses ...

  • CoxHealth

    IT Solutions Analyst

    3 days ago

    CoxHealth Springfield, United States Full time

    Summary · Job Summary This position is aligned to the Identity & Access Management team and will be responsible for identifying strategies for access security in clinical systems, including the Epic EHR system. The role will involve working closely with various stakeholders, inc ...

  • CoxHealth

    IT Solutions Analyst

    5 days ago

    CoxHealth Springfield, United States Full time

    Summary · 5x Modern Healthcare Best Places to work America's Greatest Workplaces 2023 – Newsweek Best Employers for New Grads 2023- Forbes Greatest Workplace for Women Newsweek · Robust, fully customizable benefits package including Medical/Vision/Dental and more No cost eCare ...

  • V2X

    Insider Threat System Analysts

    4 days ago

    V2X Springfield, United States

    Overview · This role is in support of an exciting new effort and is contingent upon contract award. · ResponsibilitiesInsider Threat System Analysts employ complex data analytics tools, develop and oversee software programs to collect information from Agency computer networks, an ...

  • CoxHealth

    Business Analyst

    5 days ago

    CoxHealth Springfield, United States Full time

    Summary · 5x Modern Healthcare Best Places to work America's Greatest Workplaces 2023 – Newsweek Best Employers for New Grads 2023- Forbes Greatest Workplace for Women Newsweek · Robust, fully customizable benefits package including Medical/Vision/Dental and more No cost eCare ...

  • Levi Ray & Shoup Inc

    Compliance Analyst

    2 weeks ago

    Levi Ray & Shoup Inc Springfield, United States

    Who We Are ) · + History · + Company Overview ) · + Leadership · + A Message from Our CEO ) · + What We Believe · + Our Mission ) · + LRS Philosophy & Values · + Community Involvement ) · + Wilkerson · + Divisions ) · + Careers · + Our Culture ) · + Benefits · + Diversity ) · + I ...

  • JMARK Business Solutions

    Security Analyst

    2 weeks ago

    JMARK Business Solutions Springfield, United States

    Position Summary: · The Security Analyst (SA) will be responsible for monitoring, investigating, correlating, and responding to cybersecurity alerts and incidents. Responsible for execution of IT Security procedures for vulnerability management and maintenance of cybersecurity to ...

  • Taylorville Memorial Hospital

    Clinical Systems Analyst II

    1 week ago

    Taylorville Memorial Hospital Springfield, United States

    Overview · As a Clinical System Analyst II you'll work in assisting in developing, modifying, and administering an array of up to fifty clinical systems including, but not limited to the Cerner Millennium suite of applications. Assists in design, maintenance, and support of compl ...

  • Discover Financial Services

    Senior Manager Quality Management

    2 hours ago

    Discover Financial Services Illinois, United States

    And we mean it - we want you to grow and make a difference at one of the world's leading digital banking and payments companies. Come build your future, while being the reason millions of people find a brighter financial future with Discover. · This role will closely monitor per ...

  • Elevance Health

    Cloud Cyber Security Analyst

    6 days ago

    Elevance Health Springfield, United States

    Cloud Cyber Security Analyst (Data Protection/DevOps) · Location: This position will work a hybrid model (remote & office). The ideal candidate will live within 50 miles of one of our Elevance Health PulsePoint locations. · The Cloud Cyber Security Analyst (Data Protection/DevOps ...

  • JMark Services Inc.

    System Administrator II

    2 weeks ago

    JMark Services Inc. Springfield, United States

    Position Summary: · The System Administrator II (Security Emphasis) will be responsible for monitoring, investigating, correlating, and responding to cybersecurity alerts and incidents. Responsible for execution of IT Security procedures for vulnerability management and maintena ...

  • ManTech

    Security and Forensics Investigator

    1 week ago

    ManTech Springfield, United States Full time

    Secure our Nation, Ignite your Future · Secure our Nation, Ignite your Future · Become an integral part of a diverse team that leads the world in the National Intelligence Sector at ManTech International Corporation. You will help protect our national security while working on in ...

  • CoxHealth

    IT Clinical Systems Engineer

    3 days ago

    CoxHealth Springfield, United States Full time

    Summary · EPIC IT Clinical Systems Engineer The position will be directly aligned to Epic's Bugsy solution. Bugsy is Epic's infection control solution designed to monitor patients at risk for infection and identify patients in need of isolation. Nursing background is preferred ...

  • Taylorville Memorial Hospital

    Medical Informatics Consultant

    1 week ago

    Taylorville Memorial Hospital Springfield, United States

    Overview · The Medical Informatics Consultant serves as a resource and liaison in the development, implementation, and support of health information technology utilized by medical staff. Triages incoming issues and requests and determines remedial and/or escalation procedures. Co ...