JOB SUMMARY: Senior Information Risk Analyst
We are seeking a highly skilled Senior Information Risk Analyst to join our Information Risk Management (IRM) team. This role is critical in conducting thorough risk assessments on third parties, systems, technologies, and applications, analyzing findings, and collaborating with stakeholders to develop robust mitigation plans. The ideal candidate will possess a deep understanding of information security principles and risk management practices, along with excellent communication and presentation skills to effectively convey risk-related information to stakeholders at all levels.
RESPONSIBILITIES AND DUTIES:
- Conduct comprehensive risk assessments of existing and new third parties, systems, technologies, and applications, utilizing a risk-based framework.
- Collaborate with stakeholders to develop and implement mitigation plans that align with established risk tolerance levels.
- Negotiate contractual security requirements and manage the tracking and reassessment of risk findings.
- Serve as a Subject Matter Expert (SME) in information security, contributing to the development and management of policies and procedures.
- Lead and manage internal tasks and initiatives to support the evolution of the Information Risk Management team.
- Develop and maintain strong relationships across the organization to support cross-team collaboration and risk mitigation planning.
- Participate in cross-functional teams to develop risk, compliance, and information security policies, standards, and procedures.
- Mentor junior team members, providing training and guidance on operational issues and risk management strategies.
QUALIFICATIONS:
- BA or BS degree in Information Security, IT, Business Management, Risk Management, or a related field, or equivalent experience.
- 8+ years of experience in IT, Information Security, or Risk Management, with at least 5 years in a role demonstrating strong analytical or project management experience within the Information Security domain.
- Preferred certifications: CISSP or CRISC.
- Experience with HIPAA, HITRUST, and other state and federal privacy regulations is preferred.
- Audit certifications (CISM, CISA or equivalent) are a plus.
- Exceptional communication, analytical, and project management skills.
- Proven ability to work collaboratively with stakeholders at all levels and across multiple functions.
- Ability to effectively manage multiple tasks and projects in a dynamic environment.
OPPORTUNITY DETAILS:
This position offers the opportunity to play a pivotal role in safeguarding the confidentiality and integrity of information within a leading organization. If you are a motivated Information Security professional passionate about risk management and looking for a challenging role in a collaborative environment, we encourage you to apply.
ABOUT CURATE:
At Curate Partners we are committed to fostering, cultivating, and preserving a culture of diversity, equity, and inclusion. We embrace the unique contributions that each ‘Purple Squirrel’ brings to our team, regardless of their age, gender, race, ethnicity, national origin, disability status, sexual orientation, or religious belief. Our strength lies in our diversity and in our unified pursuit of innovation, excellence, and transformative success. Our environment makes all employees and consultants feel valued, included, and empowered to bring their authentic selves to work every day. Join us in our commitment to creating a diverse, inclusive, and innovative workspace where every ‘Purple Squirrel’ can thrive.
EQUAL OPPORTUNITY EMPLOYER:
Curate Partners and their clients are committed to fostering, cultivating, and preserving a culture of diversity, equity, and inclusion. We embrace the unique contributions that each ‘Purple Squirrel’ brings to our team, regardless of their age, gender, race, ethnicity, national origin, disability status, sexual orientation, or religious belief. We believe that our strength lies in our diversity and in our unified pursuit of innovation, excellence, and transformative success. We are dedicated to providing an environment where all employees and consultants feel valued, included, and empowered to bring their authentic selves to work every day. Join us in our commitment to creating a diverse, inclusive, and innovative workspace where every ‘Purple Squirrel’ can thrive.
FAQ:
- Q: What qualifications are required for the Senior Information Risk Analyst role?
- A: Required qualifications include a BA or BS degree in relevant fields, 8+ years of experience in IT, Information Security, or Risk Management, CISSP or CRISC certifications, and exceptional communication and analytical skills.
- Q: What are the key responsibilities of the Senior Information Risk Analyst?
- A: Key responsibilities include conducting risk assessments, developing mitigation plans, negotiating contractual security requirements, serving as a subject matter expert, leading internal initiatives, and mentoring junior team members.