Information Security Risk & Compliance Analyst

Job Description
– Information Security Risk Compliance Analyst Information Security Risk Compliance Analyst ICS has a client in Media, PA that is looking for a Risk Assessment and Compliance analyst for a 6 month contract position.

Our client is a rapidly growing, retail company with a collaborative, family oriented culture.

This is a place where people come to work on Monday morning with a smile on their faces.

Responsibilities Manage the efficiency and effectiveness of risk management, compliance, risk reviews, risk acceptance, and vulnerability management for the organization.

Develop security requirements for new and existing solutions Assess compliance to the company’s policies and standards Review systems against policies, and provide guidance for remediating security issues to the operational and project teams Develop policies and standards for new areas Set measurable goals and examines ways to raise standards, to increase quality and to improve overall risk management efforts of the team.

Monitor progress and measures departmental success in identifying and managing risk exposure.

Make recommendations for developing new risk management strategies Provide consultation, facilitation and analytical support to multiple divisional management teams as new products, services, processes and procedures are developed to ensure risk is properly mitigated.

Understand the risk management framework and utilize the core concepts when discussing risk exposures within IT.

Work with IT and business partners to prioritize its inventory of processes and help build the risk assessment plan based on the inherent risk of each process, application, and technology.

Review the IT divisional risk exposure metrics and helps the management team monitor known risks and assess capabilities effectiveness in managing risk exposure.

You may also have experience with one of more of the following Experience managing McAfee ePO Ability to support and troubleshoot Endpoint Security related issues Review and tuning IPS signatures Reviewing firewall rules configuration and assisting with designing secure firewall rules Reviewing forward proxy configuration and making security improvement recommendations (BlueCoat, andor cloud SaaS services) Reviewing client VPN configuration, logging and monitoring for suspicious activity Background as a Windows ADGPO Administrator Experience supporting Windows patching and upgrading operating system and server applications Knowledge about upgrading and patching third party software (Java, Adobe, Flash, .Net) Experience with Imperva Recommend mitigating controls to be deployed via the WAF service Familiar with OWASP security vulnerabilities and mitigating controls provided by WAF SIEM monitoring and response expertise Experience with Mimecast Review secure email gateway configuration to ensure mail filtering is blocking malicious emails