Information Security Risk Analyst (GRC)

Description

The Information Security Risk Analyst role is responsible for critical assessment, analysis, and support necessary to maintain the Information and Cyber Security Program.

• Conduct comprehensive risk assessments to identify and evaluate potential threats and vulnerabilities to information systems, assets, programs, and practices
• Analyze controls for weaknesses in security, business resiliency, data protection, privacy, and compliance frameworks
• Leverages quantitative analysis and qualitative narrative to thoroughly document and report all identified risks and gaps to Information Security leadership
• Conduct Information and Cyber Security due diligence to support the Third-Party Risk Management program
• Support Information Security leadership with facilitation of program management efforts including but not limited to risk register maintenance, issue management, security awareness, vulnerability management, policies, procedures, metrics and reporting
• Interface and collaborate with internal stakeholders and external auditors as necessary to support the Information Security Program and other critical business efforts
• Perform horizon scanning and stay up to date with regulatory changes, emerging threats, vulnerabilities, security standards and best practices
• Participates in and support incident response activities as necessary
• Perform other duties as assigned

Required Experience :

Skills :

ANBTX strongly encourages candidates that are fluent in English and Spanish to apply. Jobs that specifically require candidates to be bilingual will be posted as a requirement.

Equal Opportunity Employer

This employer is required to notify all applicants of their rights pursuant to federal employment laws.

For further information, please review the Know Your Rights notice from the Department of Labor.