This job has expired, please see additional jobs below
Risk Analyst, Paranoid
Yahoo!
Sunnyvale, CA, United States
Job Details - this job has expired, please see similar jobs below
We are looking for strong Risk Analysts, with a desire to focus on security, to join the Paranoid Risk Management team at Yahoo.
Responsibilities
·Drive implementation of controls and processes leveraging Paranoid policies and standards
·Qualify and review security risk exception requests from the business and drive remediation and reporting
·Conduct information security risk assessments of the company’s processes and infrastructure to evaluate compliance to security policies and external regulations, and determine overall security risk
·Enable effective reporting of risks across the company on a weekly/monthly/quarterly, and ad-hoc basis for executive leadership
·Drive Paranoid security and compliance projects/programs to enable a positive security posture within Yahoo
·Promote security awareness in the organization through training and cross-functional engagement
·Assess security and provide remediation/mitigation solutions for vendors, 3rd Party platforms, and business processes
·Provide security leadership and direction to both the global business and technology teams
·Develop solutions to drive down security risks at Yahoo
Qualifications
·3+ years relevant experience in an information security, risk management, audit or compliance role with progressive experience in security policy management, IT/security assessments, and IT/security risk identification/management/reporting
·Bachelors Degree in Computer Science, Engineering, or Management Information Systems preferred
·Strong project management and leadership skills with demonstrated participation in various projects to improve security
·Knowledge of external compliance regulation/standards such as PCI DSS, SSAE 16, etc.
·Experience with compliance tools such as Archer and RedSeal
·Experience with qualitative risk analysis, quantitative risk analytics, business and process analysis
·Strong analytical skills with experience developing and deploying new methodologies and capabilities
·Excellent interpersonal and communication (both written and verbal) skills
·Proven ability to function well independently and in a team, and be comfortable in a fast paced and dynamic environment
·CISSP, CISM, CISA, CCNA certifications preferred