We have an urgent C2H opening for a Senior Risk Analyst position based in Cincinnati, OH. Our client is looking to fill this role immediately.

Key Requirements:
- 5-10 years of experience in a Risk Analyst role
- Bachelor's or master’s degree in computer science, Cyber-Security, or a related field
- Experience with Security Controls frameworks and knowledge of privacy regulations
- Proficiency in Governance-Risk-Compliance (GRC) software suites
- Strong leadership, critical thinking, and collaboration skills
- Attention to detail is crucial
- Ability to influence and communicate effectively across different business lines
- Analytical and able to interpret policies and regulations
- Strong technical information security knowledge
- Certification in CISSP, CRISC, CISA, or similar is preferred

If you meet these qualifications and are interested in this role, please share your updated resume to [email protected] as soon as possible.
PiplNow LLC’s Post
-
Seeking an internship (PFE) as final year Cyber Defense and Embedded Telecommunications Systems STUDENT ENGINEER at ENSA Marrakech || Delegate at Cyber4D Academy || Self-Dev Club Founder
#DAY_151 Compliance and Risk Analyst

A Compliance and Risk Analyst plays a vital role in ensuring that an organization's cybersecurity practices comply with regulatory requirements and industry standards. They assess and manage risks associated with information security, ensuring that the organization adheres to legal and regulatory frameworks. Their work helps in mitigating potential risks and avoiding costly penalties.

In this role, a Compliance and Risk Analyst must have a deep understanding of various regulations and standards such as GDPR, HIPAA, PCI-DSS, and ISO 27001. They conduct risk assessments, develop compliance programs, and monitor security controls to ensure they meet the necessary requirements. Proficiency in using risk assessment tools and frameworks, along with strong analytical skills, is essential.

To become a Compliance and Risk Analyst, a background in cybersecurity, law, or business administration is often required. Certifications such as CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional) are highly valuable in this field. Attention to detail, excellent communication skills, and the ability to work collaboratively across different departments are critical attributes.

Compliance and Risk Analysts are essential in creating a secure and legally compliant environment, making their role crucial in today's regulatory landscape.

#ComplianceAndRiskAnalyst #CybersecurityJobs #RiskManagement #InformationSecurity #RegulatoryCompliance
-
What is the best way to assess an IAM candidate’s suitability for the job? Hint: it’s not a stretched-out interview process. While it’s understandable to be thorough with your vetting and testing stages, it’s also crucial to keep candidate engagement front of mind. Technical tests, when done right, can tell you everything you need to know about a top candidate’s potential in your team. Depending on the role you’re hiring for, ask about their more general Information Security certificates as well as vendor-specific certifications. If you’re hiring a CISA (Certified Information Systems Auditor), you could ask them about the ways their CISA skills have ensured regulatory compliance in their roles. Hiring for a CIMP (Certified Identity Management Professional) may include questions relating to how their training has helped streamline user provisioning. #TechnicalTests #HiringAdvice #Recruitment
-
A useful list for those of us moving into the private sector, many thanks Dr Iretioluwa Akerele!
PhD|| UN Women UK Delegate for CSW68|| Multi-Award winning Cybersecurity Professional || Teacher|| Keynote Speaker|| Cybersecurity Career Coach and Mentor|| Cyblack||
Are you actively searching for a GRC job? Here is a list of different job titles that you can explore.

- Business Information Security Officer
- Compliance and Data Privacy Officer
- Cyber & Risk Analyst
- Cyber & Technology Risk Management Associate
- Cybersecurity Compliance Officer
- Cybersecurity Governance Manager
- Cybersecurity GRC Associate
- Cyber Risk & Compliance Analyst
- Cyber Risk Assessor
- Data & Information Privacy Analyst
- Data Governance Analyst
- Data Privacy Coordinator
- Data Protection Analyst
- Data Protection Specialist
- Data Protection Practitioner
- Governance, Risk and Compliance (GRC) Analyst
- Identity and Security Analyst
- Information Governance Officer
- Information Risk & Assurance Manager
- Information Security Advisor
- Information Security Analyst
- Information Security & Compliance Manager
- Information Security & Compliance Officer
- Information Security & Governance Analyst
- Information Security & IT Governance Consultant
- Information Security Assurance Analyst
- Information Security Assurance Manager
- Information Security Awareness Analyst
- Information Security Auditor
- Information Security Consultant
- Information Security Governance Lead
- Information Security GRC Analyst
- Information Security Lead
- Information Security Manager
- Information Security Officer
- Information Security Policy Advisor
- Information Security Policy & Assurance Analyst
- Information Security Project Manager
- Information Security Risk & Control Associate
- Information Security Risk Analyst
- Information Security Risk Management Specialist
- Information Security Specialist
- Information Security Third Party Consultant
- Information Systems Assurance Officer
- Information Systems Security Compliance Engineer
- IT & Data Privacy Compliance Auditor
- IT Compliance Analyst
- IT Control Tester
- IT Risk & Control Analyst
- IT Security & Compliance Specialist
- Privacy Compliance Analyst
- Security & Information Risk Advisor
- Third Party Assurance Analyst
- Vulnerability Manager

Contributor: My mentee - Alero Mogbeyiteren
-
Two things today: 1) I just got off the phone with an excellent SOC 2/FISMA/FedRAMP candidate at the Associate Manager level that is looking for his next opportunity. DM me for details and a resume if you're looking for someone with that skillset. I highly recommend him and he's more technical than your average auditor! 2) I am recommending everyone in GRC today that is looking for a new role to "follow the money." There are few GRC jobs out there right now so it's important to leverage one's network + Crunchbase to find where the opportunities still exist. Blindly applying to hundreds of jobs simply is not an effective use of your time anymore. As always, DMs are open! #GRC #GRCjobs #securitycompliance #ITcompliance #FedRAMP #FISMA #SOC2 #securityjobs #cyberjobs #cybersecurityjobs #cyberhiring #securityhiring #infosechiring #infosecjobs #informationsecurityjobs #SSAE18 #SOCreport #SOCreports #SOCreporting #ITGCs #ITGC
-
Job Title: IT Auditor / Government & risk compliance consultant (Strong financial background)
Job location: Richmond / McLean, VA (Hybrid)
Duration: 1+ year Contract

Must have
- Some expertise within controls testing and controls documentation.
- Experience with Cloud will be an added advantage.
- Knowledge of building out reporting.
- Audit experience would be beneficial.
- Evidence gathering + understanding what evidence to gather and setting requirements.
- Executing audits, controls testing, and controls documentation.

Nice to have
- Audit certs
- Cybersecurity certs (not required and not as important as the auditing experience)

Project: Role is surrounding a continuous controls monitoring program that they're trying to stand up within cybersecurity. They're looking to build out what will be many audits of controls (understanding how the controls operate, reviewing controls, setting requirements, etc.) and establishing where the data resides and how to build out requirements for the data analyst.

Issues with candidates so far - lots of folks with tech compliance where it seems like they understand how to gather evidence for controls but don't understand how to set the requirements for evidence gathering for controls. They have step 2 (gathering evidence) but not step 1 (setting requirements on how to gather evidence, etc.)

Must have Skills Required
- Bachelor's Degree
- 5+ years of experience in technology audit, compliance, or governance & risk management
- 2+ years of experience with cloud environments
- 2+ years of experience in an agile or scrum environment
- CISA, CISM, Security+, CISSP, CEH, CCSP, or AWS Certification
- Experience with regulatory requirements and control frameworks (e.g., SOX, COSO, COBIT)
- Experience developing and implementing a continuous controls monitoring program.
- Problem-solving and decision-making skills, with the ability to analyze complex issues and develop practical solutions.
- Demonstrated ability to manage multiple projects simultaneously, prioritize tasks, and meet deadlines in a fast-paced environment.
- Some expertise within controls testing and controls documentation.
- Knowledge of building out reporting.
- Audit experience would be beneficial.
- Evidence gathering + understanding what evidence to gather and setting requirements.
- Executing audits, controls testing, and controls documentation.

[email protected]
-
opportunity to excel
EXPERIENCED IT AUDITOR || SPECIALIZING IN CORE BANKING SYSTEMS, ACCESS CONTROL, INFORMATION SECURITY, FOCUSED ON SYSTEM INTEGRITY|| CYBER SECURITY SPECIALIST || PENETRATION TESTING || SQL|| DATABASE
A reputable organization is currently seeking qualified candidates for the following roles under the grade SBO-DM: Enterprise Security Risk Assessment Analyst Lead, Information Security Policy, Awareness, and Reporting Lead, Information Security Compliance Information Security Risk Manager - Third Party/Vendor Management Interested candidates, please send your CV to [email protected] #JobOpportunities #SecurityRoles #CareerGrowth
-
#hiring *Principal Associate, Cyber Risk & Analysis - Cyber External Client Assurance - Independent Assurance (SOC 2, ISO27001)*, Chicago, *United States*, fulltime #opentowork #jobs #jobseekers #careers #Chicagojobs #Illinoisjobs #ITCommunications
*Apply*: https://lnkd.in/gjawG2jw

Center 3 (19075), United States of America, McLean, Virginia

Principal Associate, Cyber Risk & Analysis - Cyber External Client Assurance - Independent Assurance (SOC 2, ISO27001)

The Cyber External Client Assurance (CECA) - Independent Assurance team centrally facilitates Capital One's commercialized products and services through their Commercialized Attestation goals (SOC 2). The associate in this role will partner across the organization to perform the following responsibilities:

(1) Commercialized Attestation Scoping: Perform process and technology risk assessments to determine the optimal control mix for the products pursuing a Commercialized Technology Attestation engagement (SOC 2).
(2) Issue Management: Evaluate control deviations and their impact on management's opinion over the design, implementation, and operating effectiveness of the controls in place to address the Commercialized Technology Attestation frameworks we pursue.
(3) Evidence Collection: Facilitate evidence requests made by external auditors to support their independent attestation requirements.

You will:
- Perform process and technology risk assessments to determine the optimal control mix for the products pursuing a Commercialized Technology Attestation engagement (SOC 2).
- Proactively identify changes in our products' features and evaluate their impact on the controls needed to achieve any Commercialized Technology Attestations the product is pursuing.
- Monitor changes in attestation frameworks and how the changes impact the optimal mix of controls required for our products pursuing a Commercialized Technology Attestation.
- Ensure seamless design of our controls around emerging technologies as they are integral in supporting our Commercialized Technology Attestation engagement. Interpret and communicate/present appropriate control design to senior leadership.
- Influence leadership with recommendations for Controls and Process improvements on an ongoing basis.
- Evaluate control deviations and their impact on management's opinion over the design, implementation, and operating effectiveness of the controls in place to address the Commercialized Technology Attestation frameworks we pursue.
- Draft Management Responses that are presented within Attestation Reports.
- Partner with the product teams to answer any customer inquiries on issues listed within an attestation report.
- Facilitate evidence requests made by external auditors to support their independent attestation requirements.
- Provide advisory to control owners on ensuring the evidence they are submitted will meet the needs
-
#hiring *Principal Associate, Cyber Risk & Analysis - Cyber External Client Assurance - Independent Assurance (SOC 2, ISO27001)*, Chicago, *United States*, fulltime #opentowork #jobs #jobseekers #careers #Chicagojobs #Illinoisjobs #ITCommunications
*Apply*: https://lnkd.in/g74RPHFm

Center 3 (19075), United States of America, McLean, Virginia

Principal Associate, Cyber Risk & Analysis - Cyber External Client Assurance - Independent Assurance (SOC 2, ISO27001)

The Cyber External Client Assurance (CECA) - Independent Assurance team centrally facilitates Capital One's commercialized products and services through their Commercialized Attestation goals (SOC 2). The associate in this role will partner across the organization to perform the following responsibilities:

(1) Commercialized Attestation Scoping: Perform process and technology risk assessments to determine the optimal control mix for the products pursuing a Commercialized Technology Attestation engagement (SOC 2).
(2) Issue Management: Evaluate control deviations and their impact on management's opinion over the design, implementation, and operating effectiveness of the controls in place to address the Commercialized Technology Attestation frameworks we pursue.
(3) Evidence Collection: Facilitate evidence requests made by external auditors to support their independent attestation requirements.

You will:
- Perform process and technology risk assessments to determine the optimal control mix for the products pursuing a Commercialized Technology Attestation engagement (SOC 2).
- Proactively identify changes in our products' features and evaluate their impact on the controls needed to achieve any Commercialized Technology Attestations the product is pursuing.
- Monitor changes in attestation frameworks and how the changes impact the optimal mix of controls required for our products pursuing a Commercialized Technology Attestation.
- Ensure seamless design of our controls around emerging technologies as they are integral in supporting our Commercialized Technology Attestation engagement. Interpret and communicate/present appropriate control design to senior leadership.
- Influence leadership with recommendations for Controls and Process improvements on an ongoing basis.
- Evaluate control deviations and their impact on management's opinion over the design, implementation, and operating effectiveness of the controls in place to address the Commercialized Technology Attestation frameworks we pursue.
- Draft Management Responses that are presented within Attestation Reports.
- Partner with the product teams to answer any customer inquiries on issues listed within an attestation report.
- Facilitate evidence requests made by external auditors to support their independent attestation requirements.
- Provide advisory to control owners on ensuring the evidence they are submitted will meet the needs
https://www.jobsrmine.com/us/illinois/chicago/principal-associate-cyber-risk-analysis-cyber-external-client-assurance-independent-assurance-soc-2-iso27001/477158124