Computer Aid, Inc.

  • IT & Operations Risk Analyst

    Location US-NY-NYC
    Employment Type
    Contract to Permanent
  • Position Description/Responsibilities (CCC/Vendor)

    Title: IT & Operations Risk Analyst

    Duration: long term (full time)

    Location: NYC, NY (Midtown) 

    Job Summary 

    The IT & Operations Risk Analyst implements and maintains a comprehensive information security risk management program. This includes defining key risk indicators, risk registers, processes and standards. The Information Security Risk Analyst works with various departments to identify, measure, and report on risk based on information assets. A key focus of the Information Security Risk Analyst is to maintain and support the IT GRCM solution. This position works closely with the CISO group.

    Job Description

    • Continuously identify, assess, measure and monitor information technology risk by performing hands-on risk assessments for both the technology and operations functions.
    • Identify and communicate recommended security and control deficiencies for business units. Document and monitor the implementation of controls for applications, technologies, processes & assets.
    • Maintain assessment criteria of applications & systems for measuring compliance of company policies, procedures, standards, security training programs, technical infrastructure, applications and development efforts against defined compliance baselines.
    • Work closely with CISO, CIO, Internal Audit, Procurement & Compliance to identify compliance baselines from legislative requirements and corporate objectives.
    • Develop, document, maintain and support the information security risk management program in line with information security policy, practices and leading industry standards.
    • Understand information security risks pertinent to the company's business goals and technology infrastructure, and support an enterprise information security risk program to identify, assess and respond to risks.
    • Maintain an up-to-date understanding of emerging trends in information security risks; apply new techniques and trends, in line with overall information security objectives and risk tolerance.
    • Work with technology and business teams to develop and document risk mitigation action plans, along with recommendations to reduce information security risk within their areas.
    • Assist with vendor assessments for evaluations and tracking of risk changes.
    • Working with information security leadership, develop strategies and plans to enforce security requirements and address identified risks.

    Competencies: 

    • At least 3 years of experience in an information security risk-related position in the insurance or financial services industry.
    • Degree in Computer Science, Information Systems, or Business Administration preferred.
    • Security certification (CISSP, SSCP, GIAC, CEH, etc.) preferred. Required if no degree.

    Experience:

    • Documenting IT risk management policies, practices and procedures.
    • Developing, maintaining and updating key risk indicators & risk registers for IT.
    • Monitoring and tracking the status of risk mitigation plans.
    • Supporting and maintaining an IT GRC or similar tool to conduct risk management activities.
    • Working with technology and business teams to facilitate risk assessments, risk evaluation and reporting.
    • Preparing and presenting risk assessment reports to system owners, business units and others.
    • Familiarity with different system platforms including web applications, web services, mainframe, UNIX and Windows
    • IT GRCM software
    • Vulnerability assessment management software

    Knowledge and Skills:

    • Various applications and architecture
    • TCP/IP networking protocols
    • Microsoft applications such as Office, PowerPoint and Visio
    • Regulatory requirements such as PCI, HIPAA, FFIEC and Gramm-Leach-Bliley Act
    • Very strong oral and written communication skills to include report/proposal preparation and presentation (a writing and/or presentation sample may be required at time of interview)

     

    Company Overview (CCC Only)

     

    Computer Aid, Inc. (CAI) is an innovative solutions company managing engagements with numerous Fortune 1000 companies and government agencies. CAI is headquartered in Allentown, Pennsylvania with a staff of over 4,200 professionals working at locations around the world in a variety of industries. Our services leverage technology to provide outstanding customer experiences that generate new value for our clients, our employees, and our greater communities.  

     

    CAI is building a culture of continued learning, support, and personal development in a collegial environment. We also strive to make a positive impact on our surrounding communities through various outreach programs. We make a positive difference for our associates and the communities in which we serve.

     

    Our mission: Provide industry-leading services and an incredible workplace for our associates, while making an impact on our communities.  For more information on our professionals, services, and industries we support, please see our website www.compaid.com.

     

    CAI is an Equal Opportunity/Affirmative Action employer. Minorities, women, veterans and individuals with disabilities will receive consideration and are encouraged to apply.

     

    EEO Statement:

     

    It is the policy of Computer Aid, Inc. (CAI) not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or because he or she is a protected veteran. It is also the policy of CAI to take affirmative action to employ and to advance in employment, all persons regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment.

     

    Employees and applicants of CAI will not be subject to harassment on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or because he or she is a protected veteran. Additionally, retaliation, including intimidation, threats, or coercion, because an employee or applicant has objected to discrimination, engaged or may engage in filing a complaint, assisted in a review, investigation, or hearing or have otherwise sought to obtain their legal rights under any Federal, State, or local EEO law is prohibited.
