Business Information Security Analyst Jersey City, New Jersey
Title: Business Information Security Analyst
Job Type: Permanent
Primary Location: Jersey City, New Jersey
Vignetic is looking for a Business Information Security Analyst who report directly to the Business Information Security Officer, proactively working with Corporate and Agency business and IT leadership to promote information security awareness and implement security practices that meet defined policies and standards for security, supporting efforts to sustain a Security Culture that is aligned with information security objectives.
Role & Responsibilities:
- Establish relationships and work closely with IT Internal Audit, IT Compliance, Data Privacy, Regional IT leads, CIOs, and IT teams to promote awareness and compliance of information Security and SOX/IT Control requirements.
- Facilitate delivery of company Information Security Initiatives, ensuring security requirements are understood.
- Help build and sustain a Security Culture across the company IT and Agency IT Teams ensuring alignment with company information security objectives.
- Produce reports and preform analysis for risk trends and data discrepancies, effectively communicating analysis output to supported company IT/Agencies, providing insight into potential losses and mitigation of identified risks through reporting activities.
- Review and analyze Security Compliance reports, providing periodic reports to supported teams and recommendations for improvement.
- Review SOX/IT Control management’s narratives, and testing evidence of IT SOX controls for supported IT locations and recommend improvements.
- Assist with the development of presentations required for governance meetings.
- Assist with evaluating open IT deficiencies, reporting, remediation, and retesting efforts.
- Assist with responding to IT compliance requests or inquiries.
Essential Skills& Qualifications:
- BA / BS degree in Information Systems or Information Assurance (or related discipline)
- 3 – 5 years of IT/IS controls experience
- Prior experience performing IT control testing activities is required
- Project Management Certification is preferred
- CISA, CISM, or CISSP Certification is preferred
- Understanding of IT infrastructure and development processes and associated IT controls required to support a fully functioning and controlled IT environment
- Working knowledge and experience with SOX and control standards such as ITIL, ICFR, and/or COBIT is beneficial
- Experience in partnering with IT teams from different disciplines in a combined effort to achieve project success
- Excellent written and verbal communication skills to both a technical and non-technical audience; interpersonal and collaborative skills
- Critical thinker with strong problem-solving skills
- Able to work on multiple projects simultaneously in a fast-paced environment
- Excellent attention to detail and organization skills