Information Risk Analyst Job Description
Information Risk Analyst Duties & Responsibilities
To write an effective information risk analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included information risk analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Information Risk Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Information Risk Analyst
List any licenses or certifications required by the position: CISSP, CISM, CRISC, CISA, GNFA, GCFA, GCIH, GMON, GSEC, ISACA
Education for Information Risk Analyst
Typically a job would require a certain level of education.
Employers hiring for the information risk analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Technology, Technical, Information Security, Education, Business, Management, Finance, Accounting, Engineering
Skills for Information Risk Analyst
Desired skills for information risk analyst include:
Desired experience for information risk analyst includes:
Information Risk Analyst Examples
Information Risk Analyst Job Description
- Conduct ongoing security assessment activities to validate appropriate aspects of the control environment exist
- Gather evidence of technical and operational controls
- Perform on-site assessments to measure the effectiveness of the current control environment
- Document and communicate control deficiencies identified during assessment
- Access Uplift - Support and help streamline the adoption of EPV as a method to drive compliance with the corporate Access Uplift program
- The Senior Financial Analyst will provide analytical support for the International Small Business Services(SBS) and U.S. Non-Card Lending products
- Assist in management of the forecasting and analysis of Loss Provision and Credit Reserves
- Provide credit related analytical support for major business initiatives
- Build core competency in analyzing data at the customer level (primarily via SQL)
- Develop and present key analyses and monthly provision results to senior management
- 5+ years of work experience in areas of infrastructure is preferred with a broad understanding of infrastructure
- Bachelor’s degree in Finance, Accounting, related discipline or equivalent experience
- 5 or more years of experience, progressively responsible related financial experience required
- Good ability to manage diverse relationships with partners/clients
- Expert knowledge in the use of financial software applications, databases, spreadsheets and word processing preferred
- Excellent operational and problem solving skills
Information Risk Analyst Job Description
- Develop and present business cases (CBA’s) in partnership with Risk and Information Management for new projects and initiatives
- Provide credit related analytical support for the Risk and Information Management Group (RIM), in partnership with the Global Servicing Network
- Manage the risk finance templates that quantify the financial impacts of risk initiatives
- Manage forecasting and analysis of Global Outside Agency Fees and Recoveries
- Develop and present key analyses and recommendations to senior management
- Develop, implement, and support information security policy and procedures that meet or exceed the compliance requirements of the organization
- Works with and educates 3rd party vendors on compliance with the information security requirements of the organization
- Assist in client due-diligence activities (questionnaires, on-site audit/assessments, ) as needed
- Develops technical and end user training material
- Develop and present business cases (CBA’s), in partnership with RIM, for new projects and initiatives
- Proven ability to work on large programs and projects within a cross line of business technology organization
- Good understanding of UNIX (Keon preferred), Windows (local and domain), mainframes / distributed databases, Java/ .Net
- Must have superior written and verbal communications skills, the ability to create executive level presentations
- Must have excellent negotiation, presentation, and interpersonal skills
- Bachelor's or Master’s degree in Business Administration, Information Systems or equivalent
- Experience in project and/or service management
Information Risk Analyst Job Description
- Collaborate with Business and IT teams to ensure proper risk identification and mitigation of critical risks
- Collaborates with other internal teams to ensure the risks from 3rd parties are mitigated to acceptable levels
- Perform IT security risk assessments of both new and existing in-house and vendor-based systems
- Administer user system and data entitlements, across multiple platforms and applications
- Assist in Implementing and modifying user entitlements, as it relates to the rollout of new applications
- Generate and ensure the accuracy of entitlement reports
- Review requests for new systems or changes to existing systems and evaluate the impact to security
- Provide assistance to system users and Security Coordinators, as it relates to security access and controls
- Training of Security Coordinators on ISRM processes and workflows
- Engage in ongoing communications with peers in technical development groups the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation
- Experience with Computer System Validation (FDA CFR21 part 11, Pharmaceutical systems) or equivalent
- Ability to engage with multi-functional stakeholders
- Ability to quickly grasp understanding on diverse topics and make relevant contributions
- Interest to learn cross-functional business process
- Dynamic Team Player while able to work independently
- Travel abroad may be required during onboarding phase
Information Risk Analyst Job Description
- Assist in coordinating efforts to ensure IT controls are appropriately executed resulting in Sarbanes-Oxley (SOX) and Business Process Assurance (BPA) compliance
- Track and support remediation of PCI DSS, SOX and all other regulatory observations identified and reported by BPA or external auditors
- Gather data to prepare IT Risk management metrics and reporting
- Serve as IT liaison to BPA or external auditors by prescreening requests and responses
- Perform tasks associated with Information Security policies and procedures development and updates
- Participate in IT control monitoring programs to ensure IT compliance-related risks are managed to the level of acceptable risk
- Research and provide recommendations for improving the effectiveness and efficiency of IT control processes and enterprise risk and compliance activities
- Support the development of IT knowledge repository for IT risk and compliance-related materials and resources including IT controls, policies, procedures and standards
- Gain understanding of business processes, business control processes, risk management, IT controls and related standards
- Gain understanding of complex business and information technology management processes
- Background in system or process auditing shows ability to identify and quantify risks
- Excellent ability to evaluate processes, identify potential problems and implement feasible solutions
- CISSP, CEH or CISA highly preferred
- Typically requires a minimum of 5 to 7 years of experience in the IT risk discipline, information security or at a public company in a related field
- Successful candidate will have proactive "can do" attitude
- Must be able to apply quantitative techniques and financial modeling skills to translate data into meaningful business dynamics and/or solutions
Information Risk Analyst Job Description
- Conduct analysis and research to understand the broader risk impact of current decisions
- Provide timely status updates on progress to manager
- Maintain and deliver the best-in-class Business Intelligence and Analytics solutions for Risk within RIM Bluelight platform
- Research, analysis, development and support of reporting and analytical solutions using SQl, SQL Server and Big Data Environment( Hive , Hadoop )
- Very good knowledge of SQL is desired
- Candidate should be able to write complex SQL queries , SQL Procedures and do performance Tuning for the same
- Daily responsibilities include designing and developing robust, user friendly applications
- Support business analysts in determining needs and solutions
- Good data analysis, application troubleshooting and communication skills are a must
- Understanding of Cornerstone and Big Data environments will be helpful
- Technical knowledge of application development, operating systems, database design, and/or networking will help an Information Risk Lead interact with technology groups and guide appropriate solutions
- CISSP, CISM, CISAor similar security-specific education
- Must be results driven and proactive with the ability to manage multiple projects and work within tight timelines
- Able to think strategically and have the relationship skills necessary to partner and drive results in a cross-functional team environment
- Excellent oral and written communication skills and ability to present on a regular basis to senior management
- Previous card/risk management experience and/or 2+ years work experience