Previous Job
Previous
Security Analyst - Security, Compliance and Risk Management
Ref No.: 18-00084
Location: Chicago, Illinois
Job Description:

Security Analyst, Risk & Compliance
Working directly with the CISO and key stakeholders, the security analyst will create security risk management processes and documentation to support security risk and compliance processes including:
  • Drafting and maintaining risk register
  • Creating policy and documentation
  • Creating dashboards and reports
  • Conducting security risk assessments
  • Project management (scope to vary based on individual background)
  • Creating security communications and awareness materials

Skills
  • Working knowledge of security frameworks such as NIST, ISO 27001/2, Cloud Security Alliance CCM, FedRamp.
  • Working knowledge of cyber/information security risk management practices
  • Ability to create information security management system (ISMS) processes and artifacts for tracking and scoring security risks.
  • Familiarity with assessing risks associated with cloud environments
  • Familiarity with agile and devops practices
  • Effective written and verbal communication skills.
  • Working knowledge of security policy and process documentation
  • Ability to work independently and plan/structure work activities and deadlines.
  • Project management
  • Jira
  • PowerPoint, MS Word, Excel
  • Confluence/wiki pages
  • Experience creating workflows and basic automation for security governance and compliance/audit-related tasks and activities
  • Experience with ticketing systems and workflow
  • GRC software experience preferred

Experience
At least 2 years of experience working in a dedicated security risk management capacity in an enterprise setting performing assessments, audits and/or compliance and privacy related work.

Certifications
CISA, CISM, CISSP

Work Location
Chicago Loop. Majority of work requires onsite presence with some flexibility on remote work after initial ramp-up period.

In summary..3-6 month contract in Chicago, IL. The selected candidate can be a mid or senior level candidate for Security, Compliance and Risk Management.

The Security Analyst is in charge of risk management, controls and documentation. This includes writing policies and procedures, risk management practices for information security. It is a plus if the candidate has experience AWS Cloud and DevOps.