Previous Job
Previous
Information Security Risk Analyst
Ref No.: 18-07765
Location: San Jose, California
The Risk Analyst will provide actionable and relevant risk guidance to Client's business units and corporate operations teams on third party SaaS engagements.
Assess third party vendors' (processing/storing Client data) information security controls and identify and communicate risks to stakeholders and relevant internal parties

Consult with business owner on identified or foreseeable internal and external risks and work with business owner to reduce risks based on security best practices for third party vendors
Partner with internal third party partner managers and information asset owners to manage risk treatment plans for third party risks identified
Collaborate with cross-functional departments on process enhancements and workflow integrations to provide improved customer experience
Ability to support legal team when issues arise in relation to the contract negotiation of the vendor's security practices

Skills:
A strong technical background and solid foundation in security principles
Experience managing multi-faceted projects and working with cross-functional teams
Demonstrated ability to successfully manage client- facing engagements
Experience managing internal and external risk in a global enterprise
Communication: Strong written and oral skills (will interface with external partners, vendors, and customers, also marketing, public relations, and senior management
Experience with regulatory compliance audits such as PCI DSS, SOC 2, and HIPAA
CISSP, CISA, or other Information Security attestation(s) is a definite plus.

Education:
Bachelors Degree or equivalent experience in Computer Science, Engineering. MS/MBA preferred.
5+ years work experience in auditing, consulting, IT operations, or process and change management

Languages:
English Read Write Speak

Certifications & Licenses:
CISA
CISSP

Skills : Required
  • CONTRACT NEGOTIATION
  • INFORMATION SECURITY
  • AUDITS
  • CISSP
  • REGULATORY COMPLIANCE
Additional
  • MARKETING
  • PUBLIC RELATIONS
  • SECURITY
  • SECURITY PRACTICES
  • AUDIT
  • AUDITING
  • CHANGE MANAGEMENT
  • CISA
  • HIPAA
  • MBA
  • OPERATIONS
  • PAYMENT CARD INDUSTRY
  • PCI
  • SAAS
  • SOC
  • SOFTWARE AS A SERVICE
  • WORKFLOW
Minimum Degree Required: Bachelor's Degree