Skip navigation
Unable to save this job. Please try again later.

{msg}

Email this Job to Yourself or a Friend

To begin the application process, please enter your email address.

Company Contact Info

  • Parsippany-Troy Hills, NJ
  • Samantha Palazzolo
  • Phone: 2018180011

Already have an account?

Sign in to apply with your saved resumes.

New to CareerBuilder?

Don't have an account? Continue as a guest!

Sorry, we cannot save this job right now.

Report this Job

Trust and Site Security Team.

Email Send Failed!

Sr. Information Security/Risk Mgt. Analyst

Career Developers, Inc. • Parsippany-Troy Hills, NJ

Posted 12 days ago

Job Snapshot

Full-Time
Travel - None
Experience - 5 to 7 years
Degree - 4 Year Degree
$110,000.00 - $112,000.00 /Year
Healthcare - Health Services
Information Technology
69

Applicants

How Do You Compare to the Competition?

Get facts about other applicants with a CareerBuilder Account

Job Description

Sr. Information Security/Risk Mgt. Analyst
Parsippany, NJ
Salary: 110-112K + 8% Bonus

SUMMARY:
The core responsibility of the Senior Information Security and Risk Management Analyst is working with business units to identify security requirements, collaborating on critical projects to ensure that security issues are addressed throughout the project life cycle, working with IT and other Business Units to identify, select and implement appropriate security and risk management controls and maintain current baselines for the secure configuration and operations of systems.
Additional responsibilities include, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conducting risk assessments. The Senior Information Security and Risk Management Analyst is expected to be fully aware of the enterprise's security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

ESSENTIAL DUTIES AND RESPONSIBILITIES:
Risk Management:
  • Works with business units to identify information security requirements, using methods that may include risk and business impact assessments.
  • Conduct application risk assessments and vendor risk assessments.
  • Develop and update policies and procedures for the general operation of the Information Security and Risk Management program.
  • Create and maintain Information Security policy exceptions process.
  • Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks.
  • Play an advisory role in application development or other related projects to assess security requirements and controls and to ensure that security controls are implemented as planned.
  • Collaborate on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
  • Manage Information Security Awareness Program

Acquisition & Deployment:
  • Maintain up-to-date detailed knowledge of the Information security and Risk Management industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
  • Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
  • Continuous review and improvement of current processes to maintain a secure and compliant environment

Strategy & Planning:
  • Participate in the review and update of enterprise security and risk management program
  • Participate in the creation of enterprise information security and risk management documents (policies, standards, baselines, guidelines and procedures)
  • Maintenance of Security and Risk Management Framework based on HITRUST Standard
  • May perform other functions as assigned.

Job Requirements

EDUCATION/EXPERIENCE/PERSONAL REQUIREMENTS:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The core competencies listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Formal Education & Certification:
  • Bachelor's degree in Information Technology. An equivalent combination of education and work experience may be taken into consideration in lieu of a degree.
  • 5-7 years experience of security and risk management.in information
  • Experience conducting risk assessments, maintaining Security Frameworks based on HITRUST aspects of multiple computer platforms, operating systems, products, network protocols and system architecture.
  • At least one or more of the following certifications: CISSP, CISA, CRISC, CISM

Knowledge & Experience:
  • Strong knowledge of information security and risk management,
  • Strong knowledge of current and evolving cyber threat landscape
  • Significant theoretical and practical knowledge in the following areas:
  • Unix, Linux, Windows, etc. operating systems, well-known networking protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.), exploits, vulnerabilities, network attacks
  • Proficiency, and experience, using information security tools and related methodologies.
  • Experience investigating security incidents.
  • Knowledge of specialized telecommunication techniques such Virtual Private Networks, encryption methodology and their associated technologies.
  • Knowledge of industry standards including SSAE 16, ISO 27001, etc.

Personal Attributes:
  • Proven analytical and problem-solving abilities.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.
  • Good written, oral, and interpersonal communication skills.
  • Ability to conduct research into IT security issues and products as required.
  • Keen attention to detail.
  • Team-oriented and skilled in working within a collaborative environment.

The candidate should be an energetic, innovative with excellent communications skills, both written and oral, as well as strong interpersonal skills. S/he should be capable of developing strong relationships at all levels inside and outside of the company. S/he should be an excellent listener and possess facilitator skills to precipitate consensus. The successful candidate should be self-motivated and confident; capable of defining clear priorities and developing strategies to achieve organizational goals. The candidate should be a change agent, rather than merely a defender of the status quo. S/he should be skilled at making and defending tough decisions, but at the same time possess genuine concern for the opinions of others and a willingness to work with others to achieve common goals.


The successful candidate will be a poised professional whose demeanor and manner convey an impression of DDNJ as being a high quality organization. Patience, predictability and a sense of humor are important assets. High ethical standards, sincerity and a strong work ethic are key ingredients to functioning successfully at DDNJ.

PHYSICAL DEMANDS:
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job, the employee is regularly required to sit and perform extensive close keyboard and PC work. The employee frequently is required to walk, talk or hear. The employee is occasionally required to stand and reach with hands and arms.

WORK ENVIRONMENT:
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
The noise level in the work environment is usually moderate.
This classification will be required to sign a confidentiality agreement.

CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities CISSP CISA CISM risk security audit controls windows linux vulnerabilities


Job ID: SP17-00119
Help us improve CareerBuilder by providing feedback about this job: Report this Job.
CAREERBUILDER TIP
For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.
By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.