Security Risk Analyst
2 days ago
At Alcoa, you will become an essential part of our purpose: to turn raw potential into real progress. The way we see it, every Alcoan is a work-shaper, team-shaper, idea-shaper, world-shaper.
As a leader within Alcoa, you can help us fulfill our purpose and realize our vision to reinvent the aluminum industry. Be part of the team that is helping shape a better workplace with a better work-life balance and the equal opportunities that help everyone thrive. You have the power to shape things to make them better.
About the Role:
As the Security Risk Analyst, you will participate with the development of our new program. Your input will be key in designing and implementing the program, that is still in its developmental stage. This professional will be joining our Governance Risk & Compliance (GRC) team within the Information Technology & Automation Systems (ITAS) department. The Security Risk Analyst will be responsible for optimizing the IT risk management program that balances risk, compliance, and cost, to align with the Company's business goals and ITAS strategy.
- Contribute to the development of the IT Risk Management Program (policy, standards development, implementation, GRC platform configuration and adoption)
- Conduct independent and comprehensive system risk assessments of the management, operational, and technical security controls and enhancements employed within or inherited by a system to determine the overall effectiveness of the controls.
- Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a risk assessment or major change.
- Assess all applicable system component configurations baselines or benchmarks for currency during the system risk assessment and during change or updates for release management processes.
- Provide a comprehensive assessment of the weakness or deficiencies in the information systems and prepares the final security control gap analysis and system risk assessment report containing the results and findings from the assessment.
- Ensure that system owner corrective action plans (CAPs) are in place for vulnerabilities identified during risk assessments, audits, or self-assessments.
- Provide input to the Risk Management process and maintain and update risk management policies, standards, guidelines, and procedures.
- Validate and update security documentation reflecting the application or system security design.
- Identify opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.
- Lead the reporting efforts for all information system weakness or deficiencies plus CAPs.
- Configure and manage the risks and KPI's in a GRC platform.
- In combination with the ITAS Security Awareness & Training Specialist, provide threat awareness, and education to Alcoa's users (or employees & contractors).
- Collaborate with active project teams to ensure risk is adequately managed for new system/infrastructure/security projects.
- Coordinate with the Enterprise Risk Management group for corporate level risk reporting.
- Partner with the Operations Risk Management group for overlap in information/Cybersecurity related risks.
- Bachelor's degree Information Systems Security or Management, Cybersecurity, Computer Science, Risk Management, or equivalent degrees.
- 6+ years of experience in Information Security/Cybersecurity risk and mitigation strategies, technologies, programs, and operations.
- Experience with regulatory compliance and information security management frameworks (ISO-27001, ISO-27002, ISO-27005, ISO-31000, NIST800-39, NIST800-53)
- Experience with GRC Platforms (AuditBoard) and one or more certifications such as CRISC, CGRC, GRCP™, ISC2 CGRC - preferred but not required.
- Knowledge of risk management processes, security architectures and technologies, data security, privacy principles, cyber defense, and vulnerability assessment tools.
- Familiarity with application vulnerabilities, identity, access control methods, networking concepts and protocols, and security methodologies
- Collaborate with stakeholders to make informed and balanced decisions about risk that balance the benefits of risk reduction and business performance.
- Performing business impact assessments, privacy impact assessments, and threat assessments.
- Interpreting system vulnerability and configuration scanner results to identify vulnerabilities.
- Previous experience working with a manufacturing or industrial organization, preferred but not required.
- 401(k), employer match up to 6%, additional employer retirement income contribution (no vesting period), and a nonqualified deferred compensation plans;
- 15 days' vacation and one flexible holiday of your choice;
- Flexible spending accounts and generous employer contribution to the HAS;
- Paid annual volunteer hours;
- Career development opportunities to pursue your passions; and
- Social and diversity focused engagement opportunities.
#LI-TL2
#LI-Hybrid
#LI-Remote
About the Location
Working at the Pittsburgh Alcoa Corporate Center, located on the thriving North Shore of Pittsburgh, allows employees to experience firsthand, whether working virtually or on-site or a hybrid of the two, what being a values-based company means. Through daily interactions with colleagues and exposure to some of the organization's highest-level executives, the office creates an environment in which all employees can develop and contribute to their full potential. Outside of the office, Pittsburgh itself is one of the country's most livable and affordable cities - combining the city feel with small town charm.
We are values led, vision driven and united by our purpose of transforming raw potential into real progress. Our commitments to Inclusion, Diversity & Equity include providing trusting workplaces that are safe, respectful and inclusive of all individuals, free from discrimination, bullying and harassment and that our workplaces reflect the diversity of the communities in which we operate.
As a proud equal opportunity workplace and affirmative action employer, Alcoa is dedicated to providing equal opportunities and equal access to all individuals regardless of a person's gender, age, race, ethnicity, sexual orientation, gender identity, religion, nation of origin, disability, veteran status, language spoken or any other characteristic or status protected by the laws or regulations in the places where we operate.
If you have visited our website in search of information on U.S. employment opportunities or to apply for a position, and you require an accommodation, please contact Alcoa Recruiting via email at gssrecruiting@alcoa.com.
This is a place where you are empowered to do your best work, be your authentic self, and feel a true sense of belonging. Come join us and shape your career
Your work. Your world. Shape them for the better.
-
Cyber Security Analyst
2 weeks ago
Pittsburgh, Pennsylvania, United States Edgeworth Security Full timeCyber Security AnalystAt Edgeworth Security, we are seeking a highly skilled Cyber Security Analyst to join our team. As a Cyber Security Analyst, you will play a crucial role in ensuring the security and integrity of our digital infrastructure. Your primary responsibility will be to monitor our systems, identify potential security threats, and assist in...
-
Information Security Risk
4 months ago
Pittsburgh, United States Carnegie Mellon University Full timeThe Computing Services central IT department provides services that have a strategic impact on university goals. We make service decisions based on interaction and valuable input from colleagues engaged in the education, research, and administration efforts of the university. We are a learning organization and approach successes and mistakes as a learning...
-
Security Risk Management Specialist
1 week ago
Pittsburgh, Pennsylvania, United States Alcoa Full timeAbout the Role:As a Security Risk Analyst at Alcoa, you will play a crucial role in shaping the company's risk management program. Your input will be key in designing and implementing a comprehensive program that balances risk, compliance, and cost, aligning with the Company's business goals and IT strategy.Key Responsibilities:Contribute to the development...
-
Information Security Risk Manager
2 weeks ago
Pittsburgh, Pennsylvania, United States Carnegie Mellon University Full timeAbout the RoleCarnegie Mellon University's Computing Services department is seeking a highly skilled Information Security Risk & Compliance Analyst to join our team. As a key member of our team, you will play a critical role in assessing, documenting, and implementing various controls for the University.Key ResponsibilitiesAssist in enhancing existing risk...
-
Lead Security Analyst
3 weeks ago
Pittsburgh, United States Synergy Staffing Full timeJob DescriptionJob DescriptionJob Summary:The Lead Security Analyst will be responsible for overseeing and managing the security operations of the organization to ensure the integrity, confidentiality, and availability of critical data and systems. This role requires a hands-on leader who can guide the security team, analyze potential threats, and implement...
-
Risk Modeling Analyst
1 month ago
Pittsburgh, Pennsylvania, United States Prequel Solutions Full timeJob Title: Risk Modeling AnalystWe are seeking a highly skilled Risk Modeling Analyst to join our team at Prequel Solutions. As a Risk Modeling Analyst, you will play a critical role in maintaining and improving our analytical systems that drive market risk measurement and reporting.Key Responsibilities:Design and Implement Operational Workflows: Develop and...
-
Cyber Security Analyst Position
7 days ago
Pittsburgh, Pennsylvania, United States Covestro Full timeWe are Covestro, a company that values curiosity, courage, and colorfulness. We are refining chemical material solutions with game-changing products and empowering our employees to push boundaries.The Cyber Defense Team at Covestro is seeking a Junior Cyber Security Analyst to join a matrixed organization with leadership in Germany. The team is organized...
-
Business Risk Analyst
7 days ago
Pittsburgh, Pennsylvania, United States US Tech Solutions Full timeAbout the Role:We are seeking a highly skilled Business Risk Analyst to join our team at US Tech Solutions. As a Business Risk Analyst, you will be responsible for communication and coordination with internal stakeholders, information gathering, and maintaining documentation.Key Responsibilities: Communicate and coordinate with internal stakeholders to...
-
Risk Modeling Analyst
2 weeks ago
Pittsburgh, PA , USA, United States FHLBank Pittsburgh Full timeJob SummaryThe Risk Modeling Analyst supports the market risk measurement and reporting function by maintaining responsibility for the technical underpinnings of the Market Risk department's analytical systems. This includes integration and testing of third-party prepayment and default models, deal structuring libraries, term structure models, and other...
-
Risk Modeling Analyst
7 days ago
Pittsburgh, Pennsylvania, United States Prequel Solutions Full timeJob Description:Prequel Solutions is seeking a highly skilled Risk Modeling Analyst to join our team in Pittsburgh, PA. This role focuses on maintaining and improving the analytical systems that drive market risk measurement and reporting. Responsibilities include integrating and testing third-party prepayment and default models, structuring deals using...
-
Risk Modeling Analyst
7 days ago
Pittsburgh, PA , USA, United States FHLBank Pittsburgh Full timeJob SummaryThe Risk Modeling Analyst supports the market risk measurement and reporting function by maintaining responsibility for the technical underpinnings of the Market Risk department's analytical systems. This includes integration and testing of third-party prepayment and default models, deal structuring libraries, term structure models, and other...
-
Risk Modeling Analyst
1 month ago
Pittsburgh, United States Prequel Solutions Full time $90,000 - $130,000Prequel is seeking a highly skilled Risk Modeling Analyst for a full-time position with a flagship financial services organization in Pittsburgh, PA. This role focuses on maintaining and improving the analytical systems that drive market risk measurement and reporting. Responsibilities include integrating and testing third-party prepayment and default...
-
Sr Info Security Analyst II
1 month ago
Pittsburgh, United States Duquesne Light Company Full timeDuquesne Light Company, headquartered in downtown Pittsburgh, is a leader in providing electric energy and has been in the forefront of the electric energy market, with a history rooted in technological innovation and superior customer service. Today, the company continues its role as a leader in the transmission and distribution of electric energy,...
-
Risk Modeling Analyst
1 month ago
Pittsburgh, United States Prequel Solutions Full timePrequel is seeking a highly skilled Risk Modeling Analyst for a full-time position with a flagship financial services organization in Pittsburgh, PA. This role focuses on maintaining and improving the analytical systems that drive market risk measurement and reporting. Responsibilities include integrating and testing third-party prepayment and default...
-
Risk Modeling Analyst
1 month ago
Pittsburgh, United States Prequel Solutions Full timePrequel is seeking a highly skilled Risk Modeling Analyst for a full-time position with a flagship financial services organization in Pittsburgh, PA. This role focuses on maintaining and improving the analytical systems that drive market risk measurement and reporting. Responsibilities include integrating and testing third-party prepayment and default...
-
Risk Modeling Analyst
1 month ago
pittsburgh, United States Prequel Solutions Full timePrequel is seeking a highly skilled Risk Modeling Analyst for a full-time position with a flagship financial services organization in Pittsburgh, PA. This role focuses on maintaining and improving the analytical systems that drive market risk measurement and reporting. Responsibilities include integrating and testing third-party prepayment and default...
-
Security Analyst
1 month ago
Pittsburgh, United States IntePros Full timeIntePros is excited to partner with a Fortune 200 Investment Banking and Financial Company in helping them identify an Information Security Analyst for a critical engagement in Pittsburgh, PA.Security Analyst role & responsibilities:The Information Security Analyst, Identity Access Management Operations candidate will establish client, account, user, and...
-
Security Analyst
4 weeks ago
Pittsburgh, United States IntePros Full timeIntePros is excited to partner with a Fortune 200 Investment Banking and Financial Company in helping them identify an Information Security Analyst for a critical engagement in Pittsburgh, PA.Security Analyst role & responsibilities:The Information Security Analyst, Identity Access Management Operations candidate will establish client, account, user, and...
-
Security Analyst
1 month ago
Pittsburgh, United States IntePros Full timeIntePros is excited to partner with a Fortune 200 Investment Banking and Financial Company in helping them identify an Information Security Analyst for a critical engagement in Pittsburgh, PA.Security Analyst role & responsibilities:The Information Security Analyst, Identity Access Management Operations candidate will establish client, account, user, and...
-
Risk Management Analyst
2 weeks ago
pittsburgh, United States A.C.Coy Company Full timeNo 3rd parties/Sub VendorsU.S. Citizenship or Green Card requiredLocation: Pittsburgh, PA (3 days on-site - 2 days remote per week Hybrid arrangement)Overview: A.C. Coy has an immediate need for an Enterprise Risk Management Analyst (ERM Analyst). This individual will be responsible for interacting with and providing guidance and assistance to business unit...
