Icon hamburger
What job do you want?
Apply to this job.
Think you're the perfect candidate?
Apply Now

You’re being taken to an external site to apply.

Enter your email below to receive job recommendations for similar positions.

IT Security Risk Analyst (Threat & Vulnerability)

Randstad USA Atlanta Full-Time
Apply Now


An ideal candidate for this role will be engaging, possess a strong balance between technical expertise and business acumen, and embrace opportunities to become a difference maker in a constantly evolving global organization. The successful candidate selected for this highly visible role will work closely with a cross-functional group of risk stakeholders to deliver information security, IT risk management, and data privacy protection solutions and advisory services to stakeholders and Operating Companies located throughout the USA. This role will also be called upon to participate and provide input to help execute the agenda of the organization’s global Data Privacy and Information Security (DPIS) Community. This position will report to the Director, Enterprise Risk and Security.

Primary Responsibilities

Threat and Vulnerability Management

  • Execute tasks and help mature threat monitoring and vulnerability management capabilities and processes, including, but not limited to the following:
  • Endpoint Protection and Data Loss Prevention (DLP) alert monitoring and risk mitigation planning
  • Patch management process planning and task execution oversight
  • Penetration Testing and Application Vulnerability Scanning remediation planning
  • Review results from internal and external vulnerability scans and drive risk remediation planning
  • Analyze security-related incident tickets submitted by IT, business, and field stakeholders and propose appropriate risk mitigation solutions
  • Assist with the execution of the Security Incident Response Process and recurring incident response training exercises
  • Participate in the IT change management meetings and provide subject matter expertise on security-related IT change requests  

Risk and Compliance Management

  • Execute the Information Security Risk Assessment Process to ensure appropriate risk treatment and risk mitigation decisions are made to address identified risks.
  • Act as customer-facing liaison and information security subject matter expert to help IT functional teams, internal project teams, business stakeholders, and external partners understand policies and control requirements and effectively implement and manage their risk mitigation safeguards.
  • Plan and execute the tasks necessary to ensure the services provided by key third party vendors, suppliers and business partners do not pose a risk to Randstad’s business operations, including:
  • Administer the Third Party Vendor Security Questionnaire Process
  • Participate in vendor risk remediation discussions and execution
  • Assist with the review of contract agreements, Statement of Works, and other product or service agreement documentation
  • Assist with onsite assessments at vendor sites, as needed
  • Facilitate internal and external audits and assessments. Participate in audit interviews, review findings, lead remediation planning, and document and communicate lessons learned with business and IT stakeholders.
  • Assist with executing the Security Waiver and Exception Process to ensure all authorized deviations from acceptable information protection practices are managed and tracked
  • Assist with the planning and execution of Business Continuity, Disaster Recovery, and other contingency planning activities. As the candidate settles into this role and becomes acclimated to the Randstad business, this responsibility will evolve into full task ownership and accountability to mature Randstad’s contingency planning  capabilities
  • Administer the IT crisis communications alert notification solution  

Policy and Awareness Management

  • Develop and maintain the implementation life-cycle of information security policies and supporting documentation (i.e. standards, guidelines, etc.) Perform recurring policy refresh to ensure control requirements and policy guidance remains current and applicable
  • Assist in the continuous development, implementation, and ongoing maintenance of the security training and awareness education program. Help create and deliver security and data protection awareness training content to end users
  • Assist with the planning and execution of the employee phishing defense training campaigns


  • Bachelor’s Degree

Work Experience

  • 5 - 7 Years Information Security Risk Management
  • 5 Years Security Threat & Vulnerability Management
  • 3 - 5 Years Vendor Security Risk Management

Knowledge, Skills, and Abilities

  • CISSP or GIAC Equivalent Certification
  • ISO 27002 Controls Framework
  • Excellent Interpersonal Communications Skills
  • Effective Relationship and Consensus Building Skills
  • Vendor Security Risk Management
  • Threat and Vulnerability Management
  • Endpoint Protection (McAfee ePO Strongly Preferred)
  • Data Loss Prevention Event Monitoring & Analysis
  • Risk Assessment Methodologies

Interested candidates should apply online at www.randstadusa.com/jobs/ You may also contact Valerie Hunter at Valerie.hunter@randstadusa.com for additional information. 

Get to know us and find out "What More Could You Do" at Randstad 

  Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

Recommended skills

Incident Response
Contingency Plan
Penetration Testing
Information Security
Vulnerability Management
Apply to this job.
Think you're the perfect candidate?
Apply Now

Help us improve CareerBuilder by providing feedback about this job: Report this job

Report this Job

Once a job has been reported, we will investigate it further. If you require a response, submit your question or concern to our Trust and Site Security Team

Job ID: 90375


For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.

Randstad US is a wholly owned subsidiary of Randstad Holding nv, a $24.5 billion global provider of HR services. As one of the largest staffing organizations in the United States, Randstad provides temporary, temporary-to-hire and permanent placement services each week to over 100,000 people through its network of more than 900 branches and client-dedicated locations.

View the full profile