Information Risk Assessment

5 Applied
Job Description

Job Description

Position Summary:
The Information Risk Analyst is responsible for performing third party risk assessments for Information Security controls, to identify significant risks to the organization, identify potential solutions, and drive stakeholders to implement the solutions. The individual will be responsible for following documented processes, working with internal stakeholders for enhancing existing process, tracking remediation of findings and reporting. Individual will also be responsible for working with internal stakeholders to document any instance of noncompliance to DTCC Policies, recommend remediation and track remediation to closure.

Principal Responsibilities:
. Participate in and influence third party risk assessment process improvement and documenting the overall process and improvements
. Perform Third party risk assessments to identify Technology risks
. Partner with the business and technology to agree cybersecurity risk findings identified through the Third Party risk assessment
. Provide risk finding recommendations that the business and Third Party Suppliers may implement to mitigate identified finding gaps
. Partner with Third Party Risk team to ensure that risks findings are clearly articulated in a manner that is understood by business and The Third Party Suppliers
. Evaluate vendor responses to ensure that remediation plans and tasks adequately address identified control gaps
. Build all needed Documentation for the Third Party risk assessment and remediation processes
. Assist with the assessing internal non compliance to policies
. Recommend remediation plans to stakeholders and track them to closure
. Participate in and influence process improvements
. Assist the business and technology groups through the DTCC processes
. Develop and operationalize reports to meet stakeholder requirements (e.g. Senior management reports, detailed reports etc.)
. 2- 4 years of experience in Information security risk assessments
. 2 - 4 years of risk assessment experience in Third party risk management area

Proficiency with Information Risk Management best practices Knowledge and Skills Required:

. Proven ability to execute vendor Third party risk assessment programs
. Experience interfacing with other internal or external organizations regarding risk and compliance findings
. Proven knowledge of security methodologies, policies, standards and best practices
. Proven knowledge of information technology systems, infrastructure and operations and how they affect an organization's cybersecurity risk

. Ability to explain and articulate technical concepts using both technical and non-technical language
. Technical documentation writing skills
. Critical thinking and analytical skills
. Excellent skills in office tools (MS Word, PowerPoint, Excel and VISIO)
. Ability to work collaboratively by building consensus and influencing decision making to foster forward progress with projects and initiatives
. Strong oral and written communication skills
. Excellent organizational skills, coupled with ability to be versatile and flexible
. Sound business judgment and the ability to work successfully with all levels of management
. Excellent grammar and style skills ability to adapt writing style for different audiences and media Education
Training and Certification: Bachelor's degree preferred CISSP/CISM/CRISC certification preferred





eTeam was formed in 1999 with the goal of becoming the supplier of choice for clients, employees and contingent workers. Today, we’re one of the fastest-growing companies in New Jersey and ranked as one of the best companies to work for by Staffing Industry Analysts and New Jersey Business. We’re also an honored member of Deloitte’s Technology Fast 50.
eTeam provides high-volume staffing, SOW and pay rolling services to structured contingent workforce programs and projects across the U.S., Canada and India. We also offer contract-to-hire and direct placement. Our 'No-Sell, Service-Only' approach has resulted in 'Accelerated Hires,' lower costs, reduced risks and better service for Fortune 2000 Companies, Large System Integrators and Government Agencies.

Career Advice to Find Better