Security Risk Analyst Resume Samples


The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the security risk analyst job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Dillon Littel
597 Charlie Fields, New York, NY
Phone: +1 (555) 614 8489
Experience

Security Risk Analyst
Cruickshank-Collins, Detroit, MI
  • Maintains documentation and templates in the GRC toolset and makes recommendations for and implements tool and process improvements
  • Assist in developing any GS-related initiatives (e.g. applications, procedures, policies, standards, modules, training and awareness)
  • Working knowledge of the security framework
  • Perform Information Security Risk Management activities which include
  • Develop and drive security awareness and training
  • Previous work with ISO27001 based risk registers is a plus
  • Working across multiple internal teams and to handle customer interface meetings on security related topics
IT & Security Risk Analyst
Crist Inc, San Francisco, CA
  • Performs quantitative analysis contributing to risk efforts while increasing and enhancing the company’s risk management capabilities
  • Execute risk assessment programs, perform testing, analyze findings
  • Develops a robust assessment plan for assigned businesses in accordance with standards, relevant government regulations and BKFS policies
  • Provides support to the risk effort through the measurement of risks associated with the company and its efforts
  • Assists in monitoring and reporting on risks and controls in all areas of the company and its products and services
  • Perform assessments of the risk profile for Merger & Acquisitions activity
  • Collaborate with peers, business unit partners, management and corporate functions to identify areas of risks to the organization
Information Systems Security Risk Analyst
Rosenbaum-Cummings, Dallas, TX (present)
  • Complete weekly system audits, media reviews, anti-virus management, system upgrades/downgrades, configuration management, and establish new user accounts
  • Provide IA/Cyber engineering support and recommendations for systems, networks and secured environments
  • Assist with developing System Security Plans, Profiles, Certification Reports
  • Provide security oversight for stand-alone networks, LANs and WANs
  • Performs system certification and accreditation planning, testing and liaison
  • Create hardware and software approval letters for government approval
  • Perform data integrity containment and investigations on IA related security violations/incidents
Education

Bachelor’s Degree in Computer Science With Emphasis
University of Southern California

Skills
  • Excellent time management skills with the ability to meet deadlines
  • Good oral and written communication skills
  • Ability to work with minimal supervision
  • Ability to accept and evolve with changes in policies and procedures
  • Ability to interact with a diverse population
  • Ability to work in a fast paced, multi-tasked environment
  • Maintain regular and punctual attendance
  • Proactive troubleshooting, listening and problem solving skills
  • Critical thinking using logic and reason
  • MS Office, SQL, Visio

15 Security Risk Analyst resume templates

1

Senior Security Risk Analyst Resume Examples & Samples

  • Industry security certifications (e.g. CISSP, CISM and CISA) are highly regarded
  • 6 or more years’ experience working in IT and financial services
  • 2 or more years’ experience working in IT Risk Management discipline
  • 2 or more years’ experience working in Project Management discipline
  • Working knowledge of delivering security through an Agile environment
  • Working knowledge of IT industry processes and practices
  • Experience in standards and procedure document writing
  • Preparing and presenting status update or metric reporting at management meetings
  • Managing stakeholder relationships
  • Familiar with the Information Security Industry best practice and standards e.g. ISO27001, COBIT, NIST
  • Exposure to security related regulatory and legislation e.g. Privacy Act, SOX, SPAM Act, Payment Card Industry
  • A general understanding of security architecture frameworks and security technologies such as identity and access management, data loss prevention, encryption etc
  • Excellent writing and oral communication
  • Enthusiasm and high energy
  • Integrity and ability to persevere
  • Passionate about educating people or influencing their mindset
  • Takes initiative
2

Physical Security Risk Analyst Resume Examples & Samples

  • Demonstrated knowledge of physical security principles, practices and protection strategies, and crime prevention strategies, including but not limited to intrusion detection, surveillance and CPTED
  • Strong written/verbal communication and presentation skills with demonstrated ability to provide clear and concise summaries to Senior Leadership. Personal interaction with Executive-level is expected
  • Advanced analytical skills and an excellent knowledge of security and threat risk assessments in order to provide timely expertise, advice and guidance to business partners
  • Possess sufficient education and experience to generate reports, perform process reviews and interpret department policies and procedures
  • Ability to work independently in a fast paced and demanding environment that requires meticulous attention to detail
  • Self-motivated, self-confident and able to prioritize deliverables in a "high change" environment
  • Ability to support a 24/7 operational environment, which may occasionally require work outside of regular business hours
  • Minimum of 3-5 years banking or retail security experience preferred
  • Minimum of 5-7 years of security threat and risk assessment experience with a corporate or government security department within an organisation of comparable size and complexity to TD
  • Strong working knowledge of Microsoft Office, specifically Excel, Word and PowerPoint
  • Applicants must be able to receive federal and provincial government screening clearances
  • Applicants must be able to travel domestically or internationally, approximately 15% of the time
3

Cyber Security Risk Analyst Resume Examples & Samples

  • Assessing vendor delivery models and contractual details to identify cyber security risks and control gaps
  • Delivering cyber security questionnaires to potential and existing vendors, identifying risks and control gaps
  • Working with vendor relationship owners to establish risk appetite based on assessment findings
  • Working with VMO, vendors, and owners on remediation timelines, tracking and reporting on progress
  • Managing vendor risk levels based on scope of services, integration aspects, and information handling scope
  • Periodically reviewing and updating standardized vendor security risk management contract templates
  • Continually communicate to project and security management concerning any vendor control deficiencies
  • Participate in meetings and provide recommendations and strategies for ensuring remediation of gaps and deficiencies
  • Work with various business units to determine vendor related risks to project initiatives
  • Stay apprised of all new project guidelines, new controls defined by Internal Audit, and relevant changes to ensure the Vendor Analysis process is up-to-date
  • Education: High School or equivalent
  • Conducting control assessments using a variety of testing methods such as sampling, corroboration, and observation
  • Exposure to ISO 27002, COBIT, COSO, and other compliance frameworks
  • CISA certification preferred
4

Cyber Security Risk Analyst Resume Examples & Samples

  • Performs periodic information security risk assessments to identify new threats/risks facing the institution and recommends potential mitigating controls
  • Performs system-level risk assessments to ensure compliance with existing standards and identify potential issues of non-compliance for escalation to senior management
  • Performs quality control review of information being packaged for use by internal audit, regulatory agencies, etc
  • Identifies risk-related control deficiencies and recommends appropriate risk mitigation strategies to management
  • Identifies potential security-related systems for implementation and upon approval, lead implementation efforts
  • Investigates ongoing internal vulnerability assessments for the purpose of identifying vulnerability trends
  • Assists with the development and implementation of information/cyber security standards and procedures
  • Implements and/or maintains mechanisms utilized to track and report on information/cyber security risks, and is also responsible for developing monthly risk-related reports to be utilized by senior and executive management
  • Recommends, develops and enhances existing Information/Cyber Security Key Risk Indicators and reporting metrics for use by senior management
  • Provides reports and communication of identified security compliance issues and recommendation(s) for corrective measures
  • Reviews and provides summary analysis in connection with vulnerability remediation, system hardening, and patch management processes
  • Analyzes configuration hardening reports to determine compliance with existing policies and procedures
  • Analyzes end-of-life reports for monitoring and oversight purposes
  • Escalate potential risk issues or negative trends
  • Monitors and responds to various alerts utilized to detect potential anomalous activity and initiates escalation processes
  • Plays an active role in information security incident response efforts to include performance of investigations, evidence gathering, event analysis, and stakeholder interviews
  • Performs research and communicates results in connection with emerging trends, threats and technologies
  • Participates in and potentially leads Information Security-related projects
  • Serves as business unit liaison concerning matters pertaining to Information Security risk management, as needed
  • Participates and interacts with both technical and non-technical individuals as part of the evaluation process of existing technologies and processes for the purpose of determining compliance with existing policies and procedures
  • Performs special projects and additional duties as required
  • Where applicable and when performing the responsibilities of the job, employees are accountable to maintain Sarbanes-Oxley compliance and adhere to internal control policies and procedures
  • Bachelor's degree with a concentration in computer science or information security risk management
  • Minimum five years of experience in the information technology and/or information security risk management field within the financial services sector
  • CISSP and/or CISM, CISA, CCIE certifications are advantageous; Microsoft, Linux, Cisco, or security certifications are preferred
  • In-depth knowledge of current information security attack methodologies, such as man-in-the-middle, sniffing, phishing/vishing, cross-site scripting, SQL injection, and DDoS, etc
  • Experience supporting, reviewing, or administrating security technologies such as IDS/IPS, log aggregators, Internet and email filters, and next generation threat prevention platforms
  • Strong knowledge of Microsoft Office applications
  • Strong analytical and troubleshooting skills
  • Strong written and verbal communication, interpersonal, and organizational skills
  • Ability to work both independently and as part of a team to deliver high quality work product in a fast-paced environment
  • Ability to multi-task, prioritize projects, and exercise strong professional judgment
  • Ability to work well with people from different disciplines with varying degrees of technical experience
5

IT & Security Risk Analyst L-st Louis, MO Resume Examples & Samples

  • Partner with IT and Security across the lines of business to assist in annual and on-going risk assessment processes including identification of prioritized and emerging risks and development of proper operational risk metrics. Ensure all lines of business stay current on projects and issues
  • Assist with providing compliance assessment and reporting for IT processes to meet compliance reporting requirements and timeframes. Use data analysis to help IT develop a more proactive and anticipatory approach to risk management. Develop dashboard reports to communicate the relative effectiveness of the control infrastructure and identify potential trends and themes. Assist with creating consistent and consolidated reporting for all areas of IT that identify and control weaknesses and corresponding action plans
  • Maintain central knowledge repository for IT and Security Risk & Compliance related materials and resources, including IT procedures and policies. Provide oversight to ensure all operational policies are written in a consistent manner and are complete
  • In partnership with Learning and Development, support the development of IT and Security Risk and Compliance training curriculum
  • Stay informed about technology trends, directions and uses throughout the industry; utilize information to apply the most current and appropriate technologies to support the risk and compliance business need, and to anticipate and seize new opportunities
  • Intermediate level knowledge of security, risk, and compliance (SRC) methods and technologies
  • Intermediate level of organizational skills with the ability to balance multiple tasks simultaneously
  • High-level critical thinking and problem solving skills; knows when to escalate issues and risks to upper management including strategic thinking, effective analysis of data, and the ability to disaggregate business processes into component risks
  • Expert level proficiency with Microsoft Word, Excel, PowerPoint, SharePoint, Project and Outlook
  • Bachelor’s degree in MIS/CIS, Computer Science, or Business Administration, or equivalent combination of education and experience required
  • 2+ years of IT audit, compliance, risk or related experience required
  • Prior experience working within an Information Technology organization, supporting enterprise level IT functions and processes is a plus
6

Security Risk Analyst Resume Examples & Samples

  • Application Risk Assessments
  • Third-Party Reviews and Risk Assessment
  • HIPAA and SOX Compliance Assessments
  • Vulnerability Identification using Manual Methods and Scanning Tools
  • Threat Assessments
  • Recommend improvements in processes and/or technology to remediate risk
  • EXPERIENCE/SKILLS
  • 3+ years of experience in Information Technology preferably with an emphasis in security
7

Senior IT Security Risk Analyst Resume Examples & Samples

  • Perform Information Security Risk Management activities which include
  • Bachelor’s Degree or Equivalent Experience
  • Security and system related certifications are a plus
  • 8+ years of experience in Information Security
8

Information Systems Security Risk Analyst Resume Examples & Samples

  • Ensure classified information systems (IS) are in compliance with the JSIG and/or JAFAN 6/3 government directives
  • Assist with interpreting government security directives to determine technical Information Assurance (IA) requirements
  • Prepare written instructions to facilitate proper security implementation
  • Assist with developing System Security Plans, Profiles, Certification Reports
  • Provide security oversight for stand-alone networks, LANs and WANs
  • Perform vulnerability assessments, assist in developing network architectures
  • Conduct Information Assurance (IA) security education training for system users on appropriate risk mitigation strategies
  • Provide initial and on-going technical security support for system architectures, Certification and Accreditation (C&A) requirements and training
  • Perform IA self-inspections to measure regulatory compliance, weekly system auditing, media reviews, hardware/software configuration management, certification/decertification of systems
  • Create hardware and software approval letters for government approval
  • Perform data integrity containment and investigations on IA related security violations/incidents
  • Interface with internal/external customers to identify requirements and provide problem resolution
  • Publicize and maintain security directives, policies and procedures
  • Demonstrated Security experience (evidenced through work experience, college coursework, military or on-the-job training)
  • Experience conducting and facilitating presentations
  • Experience with scheduling and coordinating tasks and projects
  • Proficiency with Microsoft Office applications (Excel, Word, Outlook, Powerpoint, etc)
  • COMSEC Certified
  • Active Secret Clearance
  • Classified Information System Management experience
  • Effective interpersonal and teaming skills
  • Proven leadership ability (Team Lead)
9

IT Security Risk Analyst Resume Examples & Samples

  • Minimum of 7+ years of progressive experience in information services including 5 years in systems security, including maintenance and use of security products in a distributed enterprise environment, and experience in compliance with federal security regulations
  • Minimum of 3 years’ experience in healthcare or security consulting
  • Collaborate with all Information Security and Privacy Leaders in implementing consistent security safeguards and controls throughout the organization
  • Facilitate and review control and compliance initiatives, such as self-assessments, third party reviews and due diligence initiatives
  • Build relationships with corporate wide process improvement experts to leverage use of the technology organization wide capabilities
  • Work with ITS Leadership to establish and document standard security policies and procedures
  • Demonstrates a commitment to service, hospital values and professionalism through appropriate conduct and demeanor at all times
10

Senior Security Risk Analyst Resume Examples & Samples

  • Experience with a GRC system, Archer preferred
  • Experience implementing a risk management framework required
  • Experience with security in emerging cloud, mobile and IoT strongly desired
11

Information Systems Security Risk Analyst Resume Examples & Samples

  • Performs system certification and accreditation planning, testing and liaison activities, to include the development and maintenance of all required documentation
  • Author System Security Plans and maintain configuration management plans
  • Complete weekly system audits, media reviews, anti-virus management, system upgrades/downgrades, configuration management, and establish new user accounts
  • Able to apply cyber security standards, directives, guidance and policies to SAP classified computing environments
  • Responsible for maintaining the integrity and security of systems through evaluation, testing and auditing to ensure compliance with JSIG and ADP customer standards. This includes periodic verification that security features and operating controls are functional and effective
  • Track and retain records of accreditation requests and approvals
  • Running compliance scanning tools, evaluating results, and determining remediation or mitigation steps
  • Prepare for and support inspections, self-inspections and system reviews
  • Primary technical interface with internal and external entities on all matters related to business development, compliance, and incident response
  • Supports internal HR/Legal/Ethics and external customer IA/Cyber investigations and incident handling
  • Provide IA/Cyber engineering support and recommendations for systems, networks and secured environments
  • Participates in proposals through ownership of classified IA/Cyber architecture and verifies security requirements
  • Must be able to work unscheduled hours to support organizational IA/Cyber requirements
  • Firewall, IPS and Network Experience
  • ISSM/IAM Experience
  • Strong interpersonal and communication skills to work with multiple customer accreditation authorities
  • Demonstrated ability to work in a dynamic team environment
  • Strong analytical, troubleshooting and organizational skills
12

Senior IT Security Risk Analyst Resume Examples & Samples

  • 7+ years in technology, specifically focused in IT Security
  • Extensive experience analyzing enterprise-wide risk and creating and executing mitigation plans accordingly
  • Strong application security knowledge; background in programming preferred
  • Expert knowledge of Risk/Security best practices
  • Experience on both large, complex projects and small projects required
  • Experience in a global environment preferred
  • Experience in retail or ecommerce industry (or similar user-platform driven industry) highly preferred
  • Excellent communication and collaboration skills, resulting in strong relationships and rapport
  • Strong ability to influence through discussions and presentations to all levels of stakeholders
13

Security Risk Analyst Resume Examples & Samples

  • Experience monitoring alarms in a command center environment
  • Experience providing crisis management triage
  • Experience gathering intelligence
  • An interest in security, crisis management, or criminal justice
  • Ability to sit for prolonged periods of time (the entire work day) without becoming distracted
  • 1+ years of experience with MS Office Suite and programs to include Word, PowerPoint, Excel, Outlook, InfoPath, SharePoint, etc
  • Multitasking skills including the ability to answer multiple phone lines, prioritize e-mail, instant message, and ticket related communication, and communicate clearly within a command center environment
  • Able to use multiple software applications simultaneously (software multi-tasking)
  • Typing skills at 35 words per minute with high accuracy
  • Professional demeanor and ability to communicate with business leaders
  • Diploma, associate or college degree/courses in related field (Intelligence, International Relations/Law, IT, Criminal Justice, Political Science, Crisis Management, etc.)
  • Military/intelligence/law enforcement/geopolitical risk analysis experience
  • Experience in an IT/Operations/Call/Command Center work environment
  • Experience with Lenel or other alarm access control systems
14

Security Risk Analyst Resume Examples & Samples

  • Excellent grasp of MS Office Suite and programs to include Word, PowerPoint, Excel, Outlook, InfoPath, SharePoint, etc
  • Excellent communications skills, with an ability to speak and write English to a good standard (to IELTS Band 7 or above; or equivalent)
  • Other European languages (French, German, Polish or Italian) will be beneficial
15

Security Risk Analyst Resume Examples & Samples

  • Conduct security risk assessments for upcoming bid proposals and new projects as defined by the Project and Investment process (SOP 2221) and Project Open and Close (SOP 1472)
  • Compile, track and trend data and information received from external and internal sources and update the appropriate applications (including but not limited to: GS Incident Log Register, GS Dashboard, HSE database, Traveltracker)
  • Provide 24/7 support to GS Operations team when required (including but not limited to: incident management activation, on-site event management, GS duty officer rotation)
  • Analyze, model and compile statistical data and information for dissemination to appropriate stakeholders (including but not limited to: GS Monthly Dashboard, Country Security risk ratings, Deep Dive security assessments)
  • Provide support to business units and projects for security-risk related matters
  • Assist in developing any GS-related initiatives (e.g. applications, procedures, policies, standards, modules, training and awareness)
  • Monitor social media and national and international world events through open sources and privileged information; analyze and disseminate to appropriate stakeholders
16

IT Security Risk Analyst Resume Examples & Samples

  • Develop and maintain GRC procedures and key metrics; support GRC tool implementation and workflows
  • Review and approve generic id requests; maintain access and media storage access rights database
  • Monitor security group email box and coordinate with the right decisions; provide status reports and manage stakeholder communications
  • Perform SOX audits, interacting with Compliance and infrastructure teams
  • Two to five years experience; Master’s degree and up to 2 years experience, or 8 – 11 years of relevant working experience in information technology security
  • Understanding of information risk management concepts
  • Strong customer service focus
  • Excellent verbal and written communication/presentation skills
  • Willingness to work a flexible schedule to accommodate business and travel requirements
  • Ability to develop process documentation
17

IT & Security Risk Analyst Resume Examples & Samples

  • Anticipates, identifies, and analyzes risk exposure to the company
  • Develops a robust assessment plan for assigned businesses in accordance with standards, relevant government regulations and BKFS policies
  • Collaborate with peers, business unit partners, management and corporate functions to identify areas of risks to the organization
  • Drive projects designed to enhance IT risk capabilities in partnership with business units
  • Execute risk assessment programs, perform testing, analyze findings
  • Knowledge of BKFS’ business environment and the ability to evaluate risk implications inherent in new product and market development
  • Knowledge of Operational Risk and financial risk models and monitoring tools
  • Knowledge of IT and Enterprise Risk models and tools as well as a good understanding of Enterprise Risk framework
  • Familiarity with security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc
  • Prefer experience in Cyber Security, Information Security or an Information Assurance role
  • Ability to develop relationships with business units, especially as it relates to operations and technology
  • Excellent verbal and written communication skills to technical and non-technical audiences of various levels within BKFS or outside the organization (executives, regulators, clients, etc.)
  • Ability to provide information to a wide variety of audiences regardless of topic and effectively deal with issues that are confidential and sensitive in nature
  • Ability to persuade and influence others on next steps
  • Knowledge of infrastructure, key processes, and technology-oriented risk issues, specifically around security and privacy
18

Application Security Risk Analyst Resume Examples & Samples

  • Assist software development teams with understanding and remediating automated scan results of software source code as well as penetration testing
  • Develop or acquire targeted training for development teams in secure coding and other security practices
  • Identify, propose and acquire toolsets to assist with the security assessment process in an Agile and DevOps environment
  • Assist the Business Unit Security Officers in the risk assessment process by assessing application risks and providing security recommendations for improved application design or coding
  • Participate in architectural and design discussions
  • Work with the developers throughout the software engineering lifecycle to ensure compliance with secure software development best practices
  • Minimum of 3-5 years of software development experience or 3+ years of work experience in application security
  • Development and/or security-related experience with web applications, web services, and mobile applications including
19

Security Risk Analyst Resume Examples & Samples

  • Oversees the risk acceptance process across the enterprise to ensure risks are documented and accepted at the correct levels of the organization. Validates remediation plans are in place to reduce risk where possible. Manages cycle to reassess accepted risks, obtain sign-off, and provide reporting
  • Assists business partners with completing risk assessments and ensuring the correct documentation is captured to support the risk assessment process. Translates technical language into business terms to facilitate understanding of risk to the business
  • Maintains documentation and templates in the GRC toolset and makes recommendations for and implements tool and process improvements
  • Collaborates with senior and lead risk analysts on activities related to risk modeling, comprehensive periodic risk assessments, and regulatory reporting standards and expectations, and the development of communication and presentations for internal and external audiences
  • Supports the development of communications and presentations appropriate for senior level audiences and external regulators
20

GRC Security Risk Analyst Resume Examples & Samples

  • 6+ years prior work experience in information security risk, audit and/or compliance efforts, with a focus in a technical capacity
  • Prior technical program management and/or project management experience, preferably in a service-oriented organization
  • Experience standing up and administering applications and tooling
  • Ability to develop and use metrics to assess and report program performance
  • Experience with leading or being a subject matter expert in the review of systems and solutions as part of an internal risk assessment, procurement process, or other program
  • Exposure to PCI, FISMA/FedRAMP, Cloud Security Alliance and the STAR program including the CCM and CAIQ; and other industry and regulatory frameworks
  • CRISC, CIA, CISA, CISSP, or other relevant independent certification, or equivalent education
  • The ability to partner with and effectively communicate with technical and non-technical employees, security, engineering and management staff
  • Strong asynchronous communication skills - does not need face to face communications on a daily basis to perform job duties and is comfortable communicating over media like chat, GitHub, and other online productivity tools like Google Docs with email as a secondary method as needed
  • Must be legally authorized to work in the United States
  • Strong information security background in either software development or systems operations
  • Have successfully contributed to regulatory audits through the entire lifecycle from initial gap-assessment to receiving a favorable report, and the ability to demonstrate effective auditor or regulatory assessors
  • Experience supporting on-going compliance monitoring year over year, and including but not limited to working with independent auditors during validation and compliance testing phases
  • Ability to write basic scripts to automate audit evidence collection
  • Exposure to software version control systems/Git and GitHub
  • Have demonstrated resilience and resourcefulness both in and outside of the workplace
  • Can bring a new perspective based on unique educational, professional, and lived experiences
  • Can effectively communicate with people from disparate backgrounds
21

IT & Security Risk Analyst Resume Examples & Samples

  • Work closely with individuals throughout the organization to assist with complete risk and control identification, providing education necessary to enable a culture of controls. Track and update/close identified gaps and potential risk items within each department. Evaluate existing operational policies and procedures to more accurately identify and document remediation processes
  • Ensure ongoing analysis of risks, vulnerabilities, and market trends. Determine potential impact on the organization’s risk posture. Assist with internal departmental projects in support of the continuation of IT Risk identification and monitoring
  • Assist with regulatory reviews, collection of data and materials for regulators or Internal Audit and assisting the operational departments in gathering requested information in a timely manner. Assist with preparing Management reporting of IT and Security risk indicators (RIs) results, operating metrics, etc. to present to Sr. leadership, committees, boards, and regulatory bodies
  • Intermediate experience in financial services risks and related regulatory requirements
  • Intermediate level understanding of IT Audit and risk based audit approaches
  • Strong communication skills (verbal, listening, written, and presentation)
  • Intermediate level project management skills with proven track record for delivering results
  • An excellent understanding of business ethics and the ability to keep sensitive information confidential. Excellent interpersonal skills with the ability to work across the organization and interact/influence/negotiate effectively at all levels of management and peers
  • Capable of working independently, as well as in team/collaborative setting
  • Intermediate level proficiency with Adobe and Visio
  • 1+ years of experience working with COBIT Controls required or NIST Cybersecurity Framework required
  • Prior experience at Big 4 or in an IT auditor role is a plus; experience in Management Consulting, IT or Security Risk Management or Change Management is a plus
  • CRISC, COBIT 5, NIST, CISA and/or CIA Certification preferred
22

Security Risk Analyst Resume Examples & Samples

  • Support the efforts of security advocates
  • Conduct risk assessments and roll out current best practices for treatment
  • Develop and drive security awareness and training
  • Participate in the identification and certification of change control cycles
  • Support efforts to ensure compliance with both PCI / DSS and ISO2 / 27001
  • Develop and revise safety policies and procedures
  • Experience or equivalent to undergraduate work
  • At least 4 years working experience
  • Proficient understanding of Information technology, systems and networks
  • Strong risk analysis and reporting
  • Working knowledge of the security framework
  • Relevant standards knowledge, including PCI and ISO2 / 27001
  • Priority for those with industry certifications such as CISSP, CISM, GIAC, etc
23

Info Security Risk Analyst Resume Examples & Samples

  • Maintain a current and working understanding of relevant information security and technology regulations and industry trends
  • Assist in coordination and completion of information security risk assessments, which may include identifying, compiling, and analyzing assessment inputs and/or the execution and documentation of the risk assessment in accordance with the defined approach
  • Assist in the validation, identification of remediation, and monitoring of vulnerabilities or gaps identified through risk assessments
  • Coordinate and/or assist in responding to internal/external audits, including 3rd party security assessments
  • Assist with the performance of gaps analysis against regulatory expectations or industry standards
  • Coordinate and/or assist in performing ongoing due diligence/monitoring of existing third parties
  • Support risk monitoring efforts by working with partners across UMB to obtain data and a thorough understanding of the data
  • Perform other tasks to support the good of the team and UMB
  • Working knowledge of information security and technology risk and controls
  • Ability to use critical thinking skills and good judgment in evaluating situations and making decisions
  • Ability to independently execute non-complex tasks with limited guidance and complex tasks with manager oversight and guidance
  • Demonstrates self-management, organizational, and planning skills by effectively balancing commitments and meeting deadlines
  • Strong written and oral communication skills with the ability to present opinions in a clear and concise manner
  • Effective interpersonal skills with the ability to develop solid working relationships with others
  • Ability to adapt and thrive in a changing environment
  • Ability to succeed in a team environment or work as an individual contributor
  • Ability and initiative to proactively enhance knowledge and skills
  • Ability to develop effective and efficient strategies to mitigate risk
  • Knowledge of standards and frameworks such as COSO, COBIT, ISO, NIST, and ITIL
  • Knowledge of information security regulatory requirements
  • Knowledge of the financial services industry
24

ITS Security & Risk Analyst Resume Examples & Samples

  • Perform security risk assessments for applications, commercial off-the-shelf systems and 3rd parties
  • Provide security consulting and technical assistance with the evaluation, selection, initial set-up and secure deployment of new IT systems
  • Work with all teams to ensure system vulnerabilities are addressed and remediated effectively and efficiently
  • Assist Logical Security initiative and validation of user and generic service accounts, account revalidation, and other processes approved
  • Assist with Oliver Wyman Group security related proposals, questionnaires, and technology risk related requests
  • Follow up with compliance tasks related to policies, standards and procedures
  • Maintain the information security incident response tasks
  • Coordinate communication with various stakeholders and provide general support on risk & security related issues
  • Actively track issues and action items list by documenting progress and status
  • Minimum 1 to 3 years of experience in information security
  • Bachelor’s degree in Computer Science, MIS, business or equivalent experience is required. An advanced degree (e.g. MBA with concentration in information systems) is a plus
  • 1-2 years of IT project management experience
  • Ability to weigh business risks and enforce appropriate information security measures; excellent documentation and presentation skills; ability to explain information security concepts to audiences outside of the field
  • Proven ability to examine, improve and execute the organization's existing security risk assessment processes and procedures
  • Excellent customer
25

Senior IT Security Risk Analyst Resume Examples & Samples

  • 5+ years in technology, specifically focused in IT Security
  • Expert Knowledge of Risk/Security best practices
  • Experience implementing security with 3rd party and cloud providers preferred
  • CISSP Security Certification a plus
  • Strong Application security knowledge; background in programming preferred
26

Information Systems Security Risk Analyst Resume Examples & Samples

  • Must have an active Department of Defense - Top Secret Security Clearance and be able to obtain special access program qualifications
  • Working knowledge and experience as an ISSM/ISSO within a secure environment
  • Minimum Security + Certification. Must be able to obtain CISSP (or equivalent) within 6 months of start date
27

Senior Info Security Risk Analyst Resume Examples & Samples

  • Point of contact for organization GRC project efforts, including requirement gathering, project management, and other project related activities
  • Facilitate / perform activities in identifying control gaps (policy, procedure, practice, or organizational structure) that if implemented would provide reasonable assurance that security objectives will be achieved
  • Support the review and compliance of defined IT general controls
  • Conduct risk assessments on Syniverse owned products and provide management with detailed risk analysis
  • Lead security awareness training and activities to strengthen the security of the organization
  • Participate in customer audit program to include collection of evidence, assisting in onsite audit, and tracking of remediation items for technical security controls
  • Review 3rd party security questionnaires to ensure proper security practices are in place per established Information Security audit guidelines
  • Review and update Information Security policies as needed
  • Define and deliver appropriate IT GRC metrics, analytics, reports, and scorecards
  • Review customer and 3rd party contracts to ensure appropriate security requirements are included to protect the organization
  • Partner with other business units to define data / asset classification requirements and processes
  • Maintain overall risk register and present findings to appropriate business units and executive management on a regular basis
28

IS Security Risk Analyst Resume Examples & Samples

  • Required - 9 years IT experience
  • Proficiency working with databases, on-line solutions and programming languages
  • Ability to work with frequent interruptions and frequent changes in priorities
29

IT-Security Risk Analyst Resume Examples & Samples

  • CISSP, CISM, CISA, CRISC or equivalent certification
  • 4-7 years of relevant work experience in IT risk management, Information Security, internal audit, Information Technology, risk management, compliance or other relevant field
  • Knowledge and experience with the HIPAA Security, Meaningful Use, and the HITECH Act
  • Knowledge and experience with IT audit frameworks like: COBIT, ITIL and NIST
30

Information Systems Security Risk Analyst Resume Examples & Samples

  • This role will ensure compliance to governing documents and security policies and assist in regulatory periodic assessments
  • Implements and tests state-of-the-art secure operating systems, networks, and database solutions
  • Stays current with system vulnerabilities and provides current security training to all system users
  • Performs system and program auditing to ensure compliance to system security plan
  • Conducts risk assessments and provides recommendations for secure implementation and compliance in accordance with government regulations and information assurance/cybersecurity guidelines
  • Creates, maintains and submits information system security documents and reports to regulatory agencies and leadership
  • Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security documentation; assists with the implementation of security procedures; verifies information system security requirements; performs information system certification and accreditation planning, testing, assessing and liaison activities
  • Familiar with information system security architectural documentation standards
  • Able to apply information assurance / cyber security standards, directives, guidance and policies to an architectural/risk based framework
  • Provide architectural / risk based analysis of information assurance / cyber security features and relate existing system to future needs and trends and requirements
31

Information System Security Risk Analyst Resume Examples & Samples

  • Responsibility for interpreting and implementing agency and national department regulations and policies to establish, implement, and maintain a comprehensive and compliant computer security program
  • Responsibility for oversight of destruction and release procedures for systems, components and media through application of test and evaluation procedures, configuration management concepts, and risk management
  • Partnership with system administrators to ensure compliant network architecture for classified systems
  • Development and administration of security procedures for classified or proprietary materials, documents and equipment for major programs
  • Continuous research, study and implementation of federal security regulations that apply to company operations to maintain compliance
  • Perform computer security functions as assigned, including preparation of System Security Plans (SSPs), computer security briefings, computer/network security audits, inventories, virus definition updates, and assisting the ISSM with security investigations
  • 4 years’ experience with Information Systems security requirements for SAPF and DoD areas
32

Health IT Security & Risk Analyst Resume Examples & Samples

  • Conduct formal security risk assessments for physician offices and healthcare facilities
  • Identify and evaluate risks to health IT and ePHI security, internal controls which mitigate risks, and related opportunities for internal control improvement
  • Benchmark client security practices and advise clients on adoption and implementation of privacy and security best practices
  • Prepare comprehensive reports detailing findings and recommendations for corrective action
  • Present results to a variety of clients in-person, emphasizing their understanding, interpretation, and ability to implement improvements to security program and infrastructure
  • Provide advisory services related to internal controls, risk assessments, risk management, IT controls, related standards (HIPAA, HITECH, NIST, etc.) and corrective action plans
  • Consult and mentor health care providers through Privacy and Security Audits
  • Research information security trends, hacker tactics, and regulatory developments to maintain current knowledge in security best practices
  • Become familiar with diverse client business environments and risk management approaches
  • Provide guidance, leadership, and training on information security to Altarum team members
  • Assist in development and ongoing improvement of technical audit program including designing templates, suggesting policy improvements, and aligning assessments to regulatory requirements
  • Participate in strategic and tactical planning to include new product offerings, identify additional client needs, and generate new business leads
  • Deep understanding of security and privacy requirements and standards in the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, and Meaningful Use requirements
  • Desired experience in designing, documenting, evaluating and testing general computer controls for IT security, change management, and IT operations
  • Operational experience with automated vulnerability assessment tools (e.g. Nessus, Nmap, Microsoft Baseline Security Analyzer, Qualys, etc.)
  • Experience in performing security assessment of network devices (router, switch, and firewall configuration), servers, workstation, Web applications and databases
  • Successful design, implementation, and administration of comprehensive privacy protection programs at hospitals, outpatient clinics, ambulatory surgical centers, group practices, physician offices, and/or other healthcare settings
  • Experience with regulatory audits including, but not limited to, the DHHS OCR Audit Protocol
  • The ability to adapt to emerging situations and diverse environments, and thrive in a client-centric culture, responding to diverse client needs in a variety of clinical operational contexts
  • Proven ability to be productive independently in self-directed contexts and as a team member in collaborative contexts
  • Good investigative, communicative and analytical skills, with focus on accurate results diagnosis and ensuring client understanding
  • Certification in Healthcare Privacy and Security (CHPS) or other security or privacy certification is a plus (e.g. HCISPP, CISM, CIPP)
  • BS degree and/or a minimum of 2 years’ experience in health care delivery, privacy and security, or health information technology
33

Information Systems Security Risk Analyst Resume Examples & Samples

  • Must have an Active Department of Defense - TS/SCI Security Clearance and be able to obtain Special Access Program qualifications
  • Must be 8570 Certified within six months of employment (Security+ CE Minimum)
  • Thorough understanding of Risk Management Framework (RMF), and JSIG
  • Prior ISSM/ISSO duties
  • Familiarity with RMF / JSIG / ICD directives
  • Familiarity with STIG Viewer, SCAP, Retina, and ACAS
  • Familiarity with Microsoft Windows operating systems, Unix/Linux, virtual VM, and Server management
  • Knowledge of system administration and network administration
  • Must possess strong interpersonal relations and analytical skills
34

Security & Risk Analyst Resume Examples & Samples

  • Correlates large amounts of events within the Asurion DLP tool
  • Identifies data held within file shares, SharePoint servers, and other unstructured data storage locations for triage and escalation
  • Takes action upon, documents, and follows-up on events which have been triaged per direction of the Asurion Security team
  • Maintains metrics for individual progress and reports back as part of larger reporting mechanism
  • At all times, this individual will be expected to maintain strict confidentiality of the information sets being viewed
35

Senior Information Systems Security Risk Analyst Resume Examples & Samples

  • Must have an active Department of Defense - Top Secret Security Clearance
  • Experience as an ISSM/ISSO within a secure environment
  • Thorough understanding of Risk Management Framework (RMF), JSIG,