SENIOR INFORMATION RISK ANALYST

Job Category: QA & Compliance Roles

JOB SUMMARY: Senior Information Risk Analyst

We are seeking a highly skilled Senior Information Risk Analyst to join our Information Risk Management (IRM) team. This role is critical in conducting thorough risk assessments on third parties, systems, technologies, and applications, analyzing findings, and collaborating with stakeholders to develop robust mitigation plans. The ideal candidate will possess a deep understanding of information security principles and risk management practices, along with excellent communication and presentation skills to effectively convey risk-related information to stakeholders at all levels.

RESPONSIBILITIES AND DUTIES:

  • Conduct comprehensive risk assessments of existing and new third parties, systems, technologies, and applications, utilizing a risk-based framework.
  • Collaborate with stakeholders to develop and implement mitigation plans that align with established risk tolerance levels.
  • Negotiate contractual security requirements and manage the tracking and reassessment of risk findings.
  • Serve as a Subject Matter Expert (SME) in information security, contributing to the development and management of policies and procedures.
  • Lead and manage internal tasks and initiatives to support the evolution of the Information Risk Management team.
  • Develop and maintain strong relationships across the organization to support cross-team collaboration and risk mitigation planning.
  • Participate in cross-functional teams to develop risk, compliance, and information security policies, standards, and procedures.
  • Mentor junior team members, providing training and guidance on operational issues and risk management strategies.

QUALIFICATIONS:

  • BA or BS degree in Information Security, IT, Business Management, Risk Management, or a related field, or equivalent experience.
  • 8+ years of experience in IT, Information Security, or Risk Management, with at least 5 years in a role demonstrating strong analytical or project management experience within the Information Security domain.
  • Preferred certifications: CISSP or CRISC.
  • Experience with HIPAA, HITRUST, and other state and federal privacy regulations is preferred.
  • Audit certifications (CISM, CISA or equivalent) are a plus.
  • Exceptional communication, analytical, and project management skills.
  • Proven ability to work collaboratively with stakeholders at all levels and across multiple functions.
  • Ability to effectively manage multiple tasks and projects in a dynamic environment.

OPPORTUNITY DETAILS:

This position offers the opportunity to play a pivotal role in safeguarding the confidentiality and integrity of information within a leading organization. If you are a motivated Information Security professional passionate about risk management and looking for a challenging role in a collaborative environment, we encourage you to apply.

ABOUT CURATE:

At Curate Partners we are committed to fostering, cultivating, and preserving a culture of diversity, equity, and inclusion. We embrace the unique contributions that each ‘Purple Squirrel’ brings to our team, regardless of their age, gender, race, ethnicity, national origin, disability status, sexual orientation, or religious belief. Our strength lies in our diversity and in our unified pursuit of innovation, excellence, and transformative success. Our environment makes all employees and consultants feel valued, included, and empowered to bring their authentic selves to work every day. Join us in our commitment to creating a diverse, inclusive, and innovative workspace where every ‘Purple Squirrel’ can thrive.

EQUAL OPPORTUNITY EMPLOYER:

Curate Partners and their clients are committed to fostering, cultivating, and preserving a culture of diversity, equity, and inclusion. We embrace the unique contributions that each ‘Purple Squirrel’ brings to our team, regardless of their age, gender, race, ethnicity, national origin, disability status, sexual orientation, or religious belief. We believe that our strength lies in our diversity and in our unified pursuit of innovation, excellence, and transformative success. We are dedicated to providing an environment where all employees and consultants feel valued, included, and empowered to bring their authentic selves to work every day. Join us in our commitment to creating a diverse, inclusive, and innovative workspace where every ‘Purple Squirrel’ can thrive.

FAQ:

  • Q: What qualifications are required for the Senior Information Risk Analyst role?
    • A: Required qualifications include a BA or BS degree in relevant fields, 8+ years of experience in IT, Information Security, or Risk Management, CISSP or CRISC certifications, and exceptional communication and analytical skills.
  • Q: What are the key responsibilities of the Senior Information Risk Analyst?
    • A: Key responsibilities include conducting risk assessments, developing mitigation plans, negotiating contractual security requirements, serving as a subject matter expert, leading internal initiatives, and mentoring junior team members.

Apply for this position

Allowed Type(s): .pdf, .doc, .docx

Warning For Candidates & Clients Against Cyber Criminals

Fraudulent Job Offer Information

Confirm Before Sharing Your Information

It has come to our attention that there have been instances of fraudulent activity within our industry relating to false employment opportunities, including false offers being made to consultants seeking jobs from individuals or organizations who pose as company representatives. These false offers may ask you to share personal information or transfer funds to advance the recruitment process. Curate will NEVER request financial information, request an advance of funds, or passport details as part of the recruitment process. We employ a formal process that includes an interview with a member of our recruiting team. This is required and the only way to be considered to work as a Curate consultant or employee.

Our only official websites are Curatepartners.com and Curateinsights.com. Candidates will only receive email from our official website domains which are @curatepartners.com and @curateinsights.com. We are aware of recent scams using text messages and emails that may be mistaken for Curate addresses. We are also aware that those seeking to scam consultants or employees use photographs and names of actual employees within our organization or create fake websites that may resemble our official company website.

We are actively monitoring the situation and doing our best to prevent these scams. If you believe you have been a potential victim of an employment scam, please contact Internet Crimes Complaint Center (www.IC3.gov).