Previous Job
Previous
Security Policy Analyst (Contract)
Ref No.: 18-00114
Location: Jersey City, New Jersey
Position Type:Direct Placement
Experience Level: 5 Years
Start Date: 05/15/2017
Pay Rate : $ 110,000.00 - 120,000.00 /Hour
Sr. Security Policy Analyst (6+ Month Assignment)
Location: Jersey City, NJ
Rate: OPEN

Well qualified candidates for this position will demonstrate the following key traits:
  • Ability to assess risks related to violations in policy and security control standards
  • Ability to partner with and influence peers to ensure security requirements are understood and met
  • Ability to report on areas of risk relating to policy exceptions
  • Well qualified candidates will also demonstrate expertise in the following technical areas:
  • Strong writing, organizational, analytical and communications skills
  • Experience with project management or managing a workflow
  • Familiarity with Information Security frameworks and standards (i.e. CIS, NIST, ITIL)
  • Oversee and track the progression of security policy exceptions and website exceptions in Archer
  • Assign risk level to Security Policy Exceptions based on likelihood and impact.
  • Consult with Vulnerability Threat Management, vendor assessments, Software Security Assessment, and Architecture teams to analyze and collect risk data from existing vulnerability, vendor management, project, threat management, and application related processes
  • Identify and convey risks associated to the business owner regarding policy and web exceptions. Consult and advise the business owner with the level of risk and possible compensating controls to reduce the risk to an acceptable level
  • Explain the risk related to the organization as well as recommend options to reduce the risk to an acceptable level
  • Escalate exceptions that require Director and CISO review where appropriate
  • Create and distribute risk reports relating to exceptions on a weekly basis to Senior Manager and Director outlining the risks introduced based on new exception requests
  • Create reports relating to SLA performance
  • Provide reports to the CISO on the areas of policy risk based on categories, and exception type
  • Perform quarterly ICAP testing

security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement security policy controls threat policy implement