LosAngelesRecruiter Since 2001
the smart solution for Los Angeles jobs

Security Analyst III

Company: Kelly IT
Location: Los Angeles
Posted on: November 23, 2020

Job Description:

Security Analyst III -Department ISO GRC -Job 21553 12 Months Hours 8am to 5pm - Seeking local candidates to the Torrance, CA area 90501 - Consultant will be virtualoffsite but due to nature of role will be required to come into the office based on project need Description Establish, Maintain and Enforce North America Regional and Local Company-specific Information Security (Cybersecurity), Data Privacy, and GRC Controls, Policies, Procedures and Standards. Continuously monitor the status and effectiveness of all Information Security (Cybersecurity), Data Privacy, and GRC Controls Develop Information Security (Cybersecurity) and Data Privacy processes and procedures and supports service-level agreements (SLAs) to ensure that effective controls and countermeasures are managed and maintained Ensure key risk indicators documented and are effectively monitored to prevent a negative impact on business objectives and brand reputation. Ensure Remediation Plans andor Compensating Controls are established to address risks or gaps identified by AHM IT GRC Staff or reported by internal and external auditors. Establish continuous monitoring of all risks and gaps until they have been resolved. Compensating Controls must be re-evaluated at least annually to ensure they are still effective at addressing a risk or gap. Maintain the Information Security Risk Division's Information Security (Cybersecurity), Data Privacy and GRC Policies, Procedures and Standards Documentation, including the associated repositories and portals. Work with Client Business Units, Law Division, Internal and External Auditors to identify Information Security (Cybersecurity), Data Privacy risks, control requirements and standards using methods that may include risk and business impact assessments. Components of this activity include but are not limited to - Business System Analysis - Communication, facilitation and consensus building - Conducting Privacy Impact Assessments (PIA) - Preparing post-PIA reports and presentations to advise IT and business unit management regarding residual risks, vulnerabilities and other Information Security and Data Privacy exposures, including misuse of information assets and noncompliance. Facilitate and provide support for all internal and external audits or assessments, including state and federal regulatory agencies. Components of this activity include but are not limited to - Coordinate with Internal or External Auditors to comply with their audit requirements, including compiling and organizing audit requirements such as documentation, formal attestations by business unit or IT representatives, providing - Assists in the coordination and completion of information security operations documentation. Provide Information Security (Cybersecurity) and Data Privacy thought leadership and guidance to AHM IT Infrastructure and Application Development Units. Components of this activity include but are not limited to Support Information Security Risk Division leadership in the development and implementation of strategies and campaigns to address risks or gaps and to reinforce Information Security (Cybersecurity) and Data Privacy practices, techniques and controls across Client Research, evaluate and recommend Information Security (Cybersecurity) and Data Privacy technologies, then developing business cases that effectively capture the both quantative and qualitative characteristics of a technology project or proposal. Work with AHM IT Department to identify, select and implement appropriate technical controls for Information Security (Cybersecurity) and Data Privacy Play an advisory role in application development or acquisition projects to assess Information Security (Cybersecurity) and Data Privacy requirements and controls and to ensure that security controls are implemented as planned. Collaborate on critical IT projects to ensure that information security and data privacy risks and concerns are addressed throughout the project life cycle. Partner with AHM IT personnel and become a trusted resource and authority on information security and data privacy technologies, practices and techniques. Required Skills - MUSTS Bachelor's degree in information systems or equivalent work experience. Industry-accepted Certification n for Information Security or Data Privacy Experience with common information security management frameworks, such as International Organization for Standardization (ISO) 2700x and the ITIL, COBIT and National Institute of Standards and Technology (NIST) frameworks. Knowledge of the fundamentals of project management, and experience with creating and managing project plans, including budgeting and resource allocation. Audit, compliance or governance experience is required Experience implementing Generally Accepted Privacy Principles (GAPP) or COBIT Experience in developing, documenting and maintaining security policies, processes, procedures and standards. Experience developing andor implementing a governance model for privacy and confidentiality. Experience with consumer credit, consumer andor retail services marketing, and supplier management is beneficial. Experience in developing and documenting security architecture and plans, including strategic, tactical and project plans. Experience overseeing information security andor data privacy projects from concept through implementation. Strong understanding of business applications, including ERP and financial systems. Excellent technical knowledge of mainstream operating systems for example, Microsoft Windows and UNIX and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools. Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts. Must be self-motivated with strong analytical, organizational, planning and problem solving skills. Strong technical and business writing skills, as well as strong communication skills. Ability to communicate well with technical teams, executives, auditors and business owners and other stakeholders as required Business Experience 10 yrs. experience with information security, privacy, or related field preferably in the captive finance or banking industries Strong proficiency in performing enterprise risk, business impact, control, vulnerability, and privacy impact assessments. In-depth knowledge of risk assessment methods and technologies. In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls. The Business Analyst will assist with the following key tasks Support Third-Party vendor risk assessment processes utilizing strategic partnerships with multiple internal stakeholder groups (procurement, legal, and business side operations). Ensure North America Client companies are following all required Global Regional policiesstandards via assessments and audits of existing processes. Partner with other internal non-IT, and external groups to stay aware the changing landscape e.g., new legislation and changes to existing legislation. Partner with all North America Client companies to provide support and provide guidance on remediationcountermeasure plans regarding area requiring strengthening in security privacy. Monitor and report on remediationcountermeasure status monthly working with the remediation owners. Support GRC project activities as required to achieve unit level objectives these may include but are not limited to monitoring project progress, tracking non-compliant activities, resolving problems, publishing progress reports, remediation consultation, and driving remediation activities to completion. Improve technical and business process by studying current practices, identifying problems and recommending solutions. Support project managers as requested in performing daily, weekly, monthly, reviews and project updates. Maintain and expand current documentation for policy privacy compliance program activities as required in support of the daily operations. Perform other assigned tasks as need for the GRC Unit as requested by leaders. WANTS Previous working experience with GRC and in Information Technology with defining, analyzing, and documenting process, procedures related to disciplines within IT Understanding of regulated environment or related IT audit background and Information security related projects. Demonstrate extensive knowledge of Third-Party Vendor Risk Management - SOC2 Type 2 report analysis - Data Security Safeguard Agreements (DSSA) - Contractual review processes - Penetration test results analysis - HITRUST and ISO Certification analysis Demonstrate knowledge of Risk Management Processes - Risk triage process - Risk exception process Demonstrate broad competency and understanding in a variety of areas - Governance, Risk, Compliance general practices and operational activities - Policy development - Standards development - Risk Management - Compliance - Privacy - EU GDPR - CCAP - NY Privacy Shield - Security - Traditional security (App, OS, DB, and Network) - Mobile application security - Cloud security (IaaS, PaaS) Unique Skills Required (REQ)Desired Understanding of Third-Party Vendor Risk Management processes practices (REQ) General IT auditing process practices (REQ) Understanding of control framework NIST-800-53, ISO270001, privacy legislation (REQ) Min. of 5 years of direct exp. as Data Privacy Governance, Risk and Compliance (GRC) Analyst (REQ) Automotive Captive FinanceBanking (PREFERRED) Why Kelly Registered ? By partnering with KellyRegistered Technology, you'll have direct connections to top companies around the globe-giving you the chance to put your tech skills to work on some of today's most intriguing, innovative, and high-visibility projects. In a world where change is the only constant, our unparalleled connections and IT market expertise help you take your skills exactly where you want to go. We're here to help you gain experience, keep learning, and move your career forward. About Kelly Registered At Kelly, we're always thinking about what's next and advising job seekers on new ways of working to reach their full potential. In fact, we're a leading advocate for temporarynontraditional workstyles, because we believe they allow flexibility and tremendous growth opportunities that enable a better way to work and live. Connecting great people with great companies is what we do best, and our employment opportunities span a wide variety of workstyles, skill levels, and industries around the world. Kelly is an equal opportunity employer committed to employing a diverse workforce, including, but not limited to, minorities, females, individuals with disabilities, protected veterans, sexual orientation, gender identity. Equal Employment Opportunity is The Law.

Keywords: Kelly IT, Los Angeles , Security Analyst III, Other , Los Angeles, California

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Other Other Jobs


CDL Drivers: Find The Best Trucking Job
Description: Hiring CDL drivers in your area. Apply once and choose a trucking job that works for you. Get home when you want to, and get paid what you deserve
Company: Live Trucking
Location: Yucaipa
Posted on: 12/4/2020

CDLA Team Truck Driving Jobs
Description: US Xpress has a NEW Opening for Class A CDL Team Drivers. This is a unique, limited time opportunity
Company: US Xpress
Location: Yucaipa
Posted on: 12/4/2020

Dedicated, Regional & OTR Truck Driving Jobs
Description: Hiring CDL drivers in your area. Apply once and choose a trucking job that works for you. Get home when you want to, and get paid what you deserve
Company: Live Trucking
Location: Yucaipa
Posted on: 12/4/2020


HIRING: CDL Drivers
Description: Hiring CDL drivers in your area. Apply once and choose a trucking job that works for you. Get home when you want to, and get paid what you deserve
Company: Live Trucking
Location: Yucaipa
Posted on: 12/4/2020

Class A Team Driver Jobs: Earn up to 80 CPM!
Description: US Xpress has a NEW Opening for Class A CDL Team Drivers. This is a unique, limited time opportunity
Company: US Xpress
Location: Yucaipa
Posted on: 12/4/2020

Commercial Team Truck Driver Jobs: Earn up to 80 CPM!
Description: US Xpress has a NEW Opening for Class A CDL Team Drivers. This is a unique, limited time opportunity
Company: US Xpress
Location: Yucaipa
Posted on: 12/4/2020

CDLA Team Driver Jobs
Description: US Xpress has a NEW Opening for Class A CDL Team Drivers. This is a unique, limited time opportunity
Company: US Xpress
Location: Yucaipa
Posted on: 12/4/2020

Senior Systems Engineering Lead
Description: Boeing Research and Technology is looking for an Senior Systems Engineering Lead in El Segundo CAIn pursuit of Boeing's research and business interests, the successful candidate will:Work on leading edge (more...)
Company: BOEING
Location: San Gabriel
Posted on: 12/4/2020

Class A CDL Team Truck Drivers: Earn up to 80 CPM!
Description: US Xpress has a NEW Opening for Class A CDL Team Drivers. This is a unique, limited time opportunity
Company: US Xpress
Location: Yucaipa
Posted on: 12/4/2020

HIRING: Truck Drivers
Description: Hiring CDL drivers in your area. Apply once and choose a trucking job that works for you. Get home when you want to, and get paid what you deserve
Company: Live Trucking
Location: Yucaipa
Posted on: 12/4/2020

Log In or Create An Account

Get the latest California jobs by following @recnetCA on Twitter!

Los Angeles RSS job feeds