IT Risk Analyst
San Diego County Credit Union · San Diego, CA · 3 wk ago
Information TechnologyFull-time
Position Summary
The position of IT Risk Analyst is responsible for participating in IT compliance and risk management initiatives. The candidate should demonstrate a basic understanding of IT risk, the ability to maintain quality service standards set by the organization, the desire to learn, and a willingness to work with organizations outside the department.
Minimum Qualifications (Education, Experience, Skills)
- Bachelor’s Degree in Computer Science; or coursework in IT, Security, or Risk Management.
- 2 years’ experience in IT Security, Vendor Management, or Risk Management.
- Information security and/or risk certification(s) desirable.
- Track record of producing quality deliverables under limited supervision.
- Sufficient organizational skills to be able to prioritize concurrent projects effectively and meet deadlines and commitments.
- Effective written skills, verbal communications, and positive interpersonal skills.
- Basic level Microsoft Word, Excel, and PowerPoint skills.
Essential Duties And Responsibilities
- Schedule and participate in risk management meetings for branch risk assessments, vendor risk assessments, and unified application reviews as a representative of IS Compliance and Risk.
- Perform branch risk assessments on a scheduled basis. Assessment activities shall include evaluating physical and logical security posture, conducting training for branch employees, and completion of a branch security risk report.
- Perform vendor risk assessments as assigned. Work with vendors and business owners to gather documentation and develop vendor remediation plans.
- Perform unified application reviews for critical applications. Work with business owners to develop remediation plans.
- Participate in the annual Business Impact Analysis and Business Continuity Planning meetings with business owners to develop resilience plans for critical operations.
- Participate in the peer review process for risk assessments.
- Work with IS Compliance and Risk team members to help ensure the accuracy of risk reports.
- Acquire proficiency within the GRC portal as it pertains to risk assessments and risk register functionality.
- Following prescribed SLAs, ensure timely completion of all tasks.
- Escalate non-compliance of SLAs to the VP, Vendor Management & Business Continuity & Disaster Recovery.
- Create metrics and reports to regularly report on the health of assigned activities.
- Absorb and present security education and awareness training as required.
- Ensure all assigned programs have documented procedures which are current and relevant for the program.
- Participate in security and/or risk related committees as required.
- Perform other duties as assigned.
- Assist with IS Compliance & Risk initiatives as assigned by the Chief IT Compliance and Risk Officer.
Physical Demands and Work Environment
- Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
- While performing the duties of this job, the employee is regularly required to use hands and fingers to handle or feel objects, tools, or controls and talk or hear.
- The employee is frequently required to stand and reach with hands and arms.
- The employee is occasionally required to walk; sit; climb or balance; and stoop, kneel, crouch, or crawl.
- The employee must occasionally lift and/or move up to 25 pounds.
- Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.
- The noise level in the work environment is usually moderate.
- Monday-Friday - 8:00am-5:00pm Saturday-Sunday - OFF Full time - 40 hours/week