Job Information
Insight Global Senior IT Risk Analyst (Remote) in Erlanger, Kentucky
Job Description
A fortune 100 organization is seeking a Senior IT Risk Assurance Analyst that can sit fully remote for a contract role that may be hired full time in 2025. The Senior Risk Assurance Analyst role involves assessing information systems risk and control within the organizations Global Technology division. Responsibilities include collaborating on risk management programs, aligning technology risk activities, and contributing to risk reduction efforts related to technology use. It is also expected that this person will interact with the business to teach them to identify risk, collaborate on remediation plans, and handle their own monitoring to close the gaps identified.
IN THIS ROLE, YOU WILL:
Participate in ongoing reviews of the companys Risk Management Program.
Contribute to strategic plans supporting program objectives and alignment of technology risk activities across the company. Apply quantitative risk valuation models and tooling to inform and support strategic and tactical risk-based decisions.
Assist in delivering Global Tech Risk Management programs to mitigate technology-related risks.
Contribute to program governance and processes for identifying, assessing, and responding to risks.
Maintain risk assessment methodologies, processes, artifacts, and training.
Lead or manage assessments and remediation efforts, tracking progress and reporting on security control gaps.
Analyze risk/control information to formulate recommendations, metrics, and reports for management decision-making.
Ability to analyze and aggregate risk across a complex organization and articulate risk clearly.
Register risks, work with risk owners on risk treatment, and monitor risk treatment, response, and mitigation with risk owners. Weigh business needs against security concerns and articulate issues and options to management.
Present risk register and treatment plans to stakeholders on a regular basis.
Enhance collection and maintenance of OneTrust risk register information.
Work cross-functionally to improve workflow and collect required risk profile data.
Assist project teams in the implementation of security measures to meet corporate security policies, manage risk, and meet external regulations, including various data security standards.
Ensures of proper documentation of technology assessment results, and monitors remediation. Deliver all documentation developed during task execution, with status of all work in progress. Create Weekly and Monthly Status Reports, including daily technical task reports, threat management reports, among others.
Support the Business Technology Disaster Recovery process.
Support the resolution of Internal Audit, Compliance, Risk Management, Regulatory related issues that could impact the confidentiality, availability or integrity of data or processes.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com .
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .
Skills and Requirements
7+ years of experience as an IT Risk Analyst
5+ years of experience with ISO 27001, NIST, and NIST CSF Security Controls frameworks
Knowledge of privacy regulations (e.g., GDPR, CPRA, NIS, NIS2, CPA, etc.)
Experience with OneTrust Governance-Risk-Compliance (GRC) software suite
Experience working in enterprise level global organizations
Able to effectively communicate security-related concepts to a broad range of technical and non-technical staff, across IT and business. Experience with HIPAA, PCI, or SOX security control frameworks
Any certification in; CISSP, CRISC, CISA, CASP, CYSA, ISA, or Security+ CE is preferred. null
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to HR@insightglobal.com.