IT Security Risk Analyst – Senior/Lead

Location: St. Louis, Missouri, United States Minor Outlying I
Date Posted: 06-05-2016
The IT Security Risk Analyst role is responsible for leading critical security reviews of application and systems on enterprise projects. This role will work closely with Infrastructure, Development and Project Management teams, and ensure continued process improvements.

The position is in the Strategy, Planning and Execution (SPE) team, in the Information Risk Management (IRM) department. IRM is responsible for managing the Information Security risk for the organization. The SPE team leads the creation of the multi-year strategy and IRM roadmaps, and manages the execution of the plans. SPE also defines the corporate security standards, performs risk assessments, and measures organizational security performance.

• Perform risk assessments and security audits of internal and external facilities against established standards.
• Provides consultative advice to information security customers that enables them to make informed risk management decisions.
• Contribute in establishing policies and procedures necessary to ensure the security of information system assets, and to protect them from intentional or inadvertent access, disclosure, or destruction.
• Assists project teams in the implementation of security measures to meet corporate security policies and external regulations, e.g., Sarbanes Oxley, HIPAA.
• Weigh business needs against security concerns and articulate issues and options to management.
• Maintains appropriate security documentation for applications and systems.
• Ensures that user community understands and adheres to necessary procedures to maintain security.
• Communicates risk assessment findings to information security “customers,” or business partners.
• Active participation in strategic initiatives in accordance to the IRM roadmap.
• At least 5 years of IT experience with a Bachelor's Degree in computer related field or equivalent
• At least 3 years of experience in Information Security
• PC skills including knowledge of Microsoft Office
• Excellent organizational skills and ability to communicate with internal/external entities and executives a must
• Effective leadership skills, demonstrated ability to coordinate people and teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities
• Customer service-oriented; Ability to work in a flexible environment where requirements and procedures continuously evolve
• Certification in information security (CISSP, CISM, GIAC, or equivalent) preferred

The Timberline Group
Phone: 636-209-5537
PO Box 565, Sullivan, Mo 63080
"Delivering quality solutions through quality people"
this job portal is powered by CATS