Lead Information Security Risk Assessor
1 week ago
The Lead Information Security Risk Assessor plays a crucial role in evaluating, verifying, and auditing technology and business process controls across the organization, ensuring compliance with relevant regulations and standards.
This position involves conducting comprehensive risk assessments that require thorough analysis and evaluation of IT systems and business processes.
Moreover, the Assessor will engage in assessing risks associated with third-party and fourth-party vendors, identifying control weaknesses, and providing recommendations for remediation in alignment with organizational policies and regulatory mandates.
Key Responsibilities
- Conduct compliance evaluations; facilitate remediation strategies, track exposures, and communicate risks in accordance with applicable regulatory frameworks.
- Leverage security architecture expertise to collaborate with the Enterprise Risk team in managing technology-related risks.
- Support the Vendor Management Team by providing technical insights for third and fourth-party supply chain security assessments, audits, and verification processes, while making risk mitigation recommendations as necessary.
- Implement or suggest adaptive security measures based on investigative outcomes and threat monitoring, ensuring compliance during changes in the production environment.
- Evaluate systems of varying complexity to gather, review, and interpret evidence, validating the effectiveness of controls with a focus on regulatory compliance.
- Lead assessment interviews and tests to uncover technology control deficiencies that may pose risks to the organization.
- Assist management with IT audits and regulatory compliance obligations as required.
- Contribute to the development of risk assessments, risk mitigation strategies, and performance reporting by collaborating with IT and other business units.
- Act as a liaison between Enterprise Risk and Information Technology/Information Security to enhance the organization's capability to identify operational risks, emphasizing continuous control monitoring and emerging cybersecurity threats.
Additional Responsibilities
- Ensure adherence to Northwest LLC's policies and procedures, as well as federal and state regulations.
- Utilize Microsoft Office and department-specific software to enhance efficiency and productivity.
- Collaborate effectively as part of a team.
- Operate on-site equipment as necessary.
Safety and Health Responsibilities
- Comply with safety and loss prevention protocols.
- Perform all tasks in a safe manner.
- Report any injuries to a supervisor promptly.
- Be prepared for emergency situations.
Qualifications
To excel in this role, candidates must demonstrate the ability to perform essential duties effectively. The following qualifications are necessary:
Education
A Technical Degree in Information/Cyber Security or Risk Management, or an Associate's or Bachelor's Degree in the same fields.
Work Experience
- Minimum of 6 years of direct experience as a PCI Assessor.
- At least 6 years of general IT functional experience.
Core Knowledge, Skills, and Abilities
- Ability to foster effective working relationships and collaborate on problem-solving and decision-making.
- Strong communication skills, both oral and written, with the ability to present ideas clearly.
- Active listening skills to ensure understanding and facilitate open communication.
- Proficient in setting personal goals, tracking progress, and utilizing resources effectively.
- Sound judgment and decision-making abilities in complex situations.
Additional Skills and Knowledge
Ability to assess security requirements by analyzing business needs, conducting security and vulnerability assessments, and reviewing architecture/platforms.
Experience in performing risk assessments and testing data processing systems to ensure operational integrity and security measures.
Subject Matter Expert in relevant regulatory frameworks and best practices for security architecture and design.
Proficient in evaluating cybersecurity controls and technology configurations.
Experience in developing and maintaining a global policy governance framework.
Experience in managing and updating controls related to policies, standards, and regulatory requirements as necessary.
Licenses and Certifications
Relevant certifications in Information Security, such as Security +, CISSP, CISA, etc., are required upon hire.
CISA certification is also required upon hire.
Northwest LLC is an Equal Opportunity Employer, welcoming applicants from diverse backgrounds, including protected veterans and individuals with disabilities.
The organization prohibits discrimination against employees or applicants for inquiring about, discussing, or disclosing their own pay or the pay of others.
However, employees with access to compensation information as part of their job functions cannot disclose this information to individuals without access unless required by law or in response to formal inquiries.
41 CFR c)-
Chief Information Security Risk Evaluator
2 weeks ago
Columbus, Ohio, United States Northwest Bancorp, Inc. Full timePosition OverviewThe Lead Information Security Risk Assessor plays a crucial role in safeguarding the integrity of our organization's information systems. This position is pivotal in conducting thorough evaluations, verifications, and audits of both technological and operational controls throughout the enterprise.Key ResponsibilitiesPerform comprehensive...
-
Chief Information Security Risk Evaluator
2 weeks ago
Columbus, Ohio, United States Northwest LLC Full timeThe Lead Information Security Risk Assessor plays a crucial role in evaluating, validating, and auditing technology and business process controls across the organization. This position focuses on compliance with regulatory standards, particularly those outlined in GLBA Appendix B, which pertains to Information Security Risk Assessment and Access Control to...
-
Columbus, Ohio, United States Northwest LLC Full timeThe Lead Information Security Risk Assessor plays a crucial role in evaluating, validating, and auditing technology and business process controls across the organization in accordance with regulatory standards. This position entails conducting comprehensive risk assessments that involve scrutinizing IT and business systems and processes. Moreover, the Lead...
-
Columbus, Ohio, United States Northwest Bancorp, Inc. Full timePosition OverviewThe Lead Information Security Risk Assessor plays a crucial role in the evaluation and verification of technology and business process controls throughout the organization. This position is essential for ensuring compliance with regulatory requirements and safeguarding sensitive information.Key ResponsibilitiesConduct thorough assessments of...
-
Columbus, Ohio, United States Sutton Bank Full timeJob SummarySutton Bank is seeking a highly skilled Information Security Risk Analyst to join our team. As a liaison between the Information Security Office and various department executives, you will be responsible for identifying, testing, and implementing controls to mitigate risks and ensure compliance with regulatory frameworks.Key...
-
Enterprise Risk Analyst
5 days ago
Columbus, Ohio, United States Sutton Bank Full timeJob SummarySutton Bank is seeking a highly skilled Information Security Risk Analyst to join our team. As a liaison between the Information Security Office and various department executives, you will be responsible for identifying, testing, and implementing controls to mitigate risks and ensure compliance with regulatory frameworks.Key...
-
Head of Information Security Strategy
2 weeks ago
Columbus, Ohio, United States Synovus Full timeJob OverviewPosition Summary:The Head of Information Security Strategy is responsible for providing strategic vision and leadership in the development, execution, and integration of comprehensive information security initiatives within the Synovus framework. This role involves active participation in operational processes to ensure the seamless functionality...
-
Information Security Compliance Analyst II
2 weeks ago
Columbus, Ohio, United States Educational Media Foundation K-LOVE & Air1 Media Networks Full timeAre you ready to protect our digital landscape? Join us as a Governance Risk Compliance Analyst II (GRC) and immerse yourself in the core of our GRC initiatives. In this pivotal role, you will advocate for PCI Compliance, enhance our compliance frameworks, and expertly lead audits. Your objective? Propel ongoing enhancements, leverage innovative...
-
Solar Energy Site Assessor
2 weeks ago
Columbus, Ohio, United States Blue Raven Solar Full timeSolar Energy Site AssessorJob Level: Entry-Level Shift: Full-time (40+ hours) Compensation: $18-20/hour Benefits: Full-time employees are eligible for Health, Dental, Vision, Life, and Accident insurance, and a Health Savings Account. Position Overview: We are looking for a meticulous and skilled Solar Energy Site Assessor to contribute significantly to...
-
Network Security Engineer, Lead
2 months ago
Columbus, Ohio, United States Fiserv, Inc. Full timeNetwork Security Engineer, LeadFiserv, Inc. - Columbus, OHCalling all innovators – find your future at Fiserv.We're Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants, and consumers to one another millions of times a day – quickly,...
-
Security Officer
5 days ago
Columbus, Ohio, United States Brosnan Risk Consultants Full timeAbout Brosnan Risk ConsultantsWe are a leading provider of exceptional security services nationwide, committed to promoting a positive and professional work environment. Our company values its employees and clients, and we pride ourselves on providing a great opportunity for career advancement and professional growth.Job SummaryWe are seeking a highly...
-
Security Risk Management Consultant
5 days ago
Columbus, Ohio, United States Sutton Bank Full timeJob SummarySutton Bank is seeking a highly skilled Information Security Risk Analyst to join our team. As a liaison between the Information Security Office and various department executives, you will be responsible for identifying, testing, and implementing controls to mitigate risks and ensure compliance with regulatory frameworks.Key...
-
Security Professional
5 days ago
Columbus, Ohio, United States Sunstates Security Full timeAbout the RoleSunstates Security is seeking a highly skilled and dedicated individual to join our team as a Security Officer. As a Security Officer, you will be responsible for ensuring the safety and security of our clients and their properties.Key ResponsibilitiesProvide exceptional customer service and ensure a high level of customer satisfactionConduct...
-
Lead Treasury Risk Analyst
1 week ago
Columbus, Ohio, United States Northwest Bank Full timeThe Senior Financial Risk Analyst plays a crucial role in the formulation of quantitative and analytical frameworks that support the organization's strategies for managing interest rate and liquidity risks. This position also encompasses oversight of transactions and reporting related to securities, foreign exchange, interest rate swaps, and borrowings. The...
-
Lead Treasury Risk Analyst
1 week ago
Columbus, Ohio, United States Northwest Bank Full timeThe Senior Financial Risk Specialist plays a crucial role in the formulation of quantitative and analytical frameworks to enhance the organization's interest rate and liquidity risk management strategies. This position also encompasses support for transactions and reporting related to securities, foreign exchange, interest rate swaps, and borrowings....
-
Lead Treasury Risk Analyst
1 week ago
Columbus, Ohio, United States Northwest Bank Full timeThe Senior Financial Risk Analyst plays a pivotal role in the formulation of quantitative and analytical frameworks that bolster the organization's interest rate and liquidity risk management strategies. This position also encompasses support for transactions and reporting related to securities, foreign exchange, interest rate swaps, and borrowings. The...
-
Head of Risk Management
1 week ago
Columbus, Ohio, United States Fiserv Full timeAbout the RoleJoin Fiserv, a prominent player in the Fintech and payments industry, where we facilitate the movement of money and information globally.Key ResponsibilitiesOversee risk management strategies to ensure the security and integrity of financial transactions.Collaborate with various stakeholders, including financial institutions and corporations,...
-
Head of Cybersecurity Risk Management
2 weeks ago
Columbus, Ohio, United States Fiserv Full timeJoin Fiserv as a Leader in Cybersecurity Risk Management At Fiserv, we are at the forefront of financial technology and payment solutions, facilitating secure transactions and data management globally. Our mission is to connect financial institutions, businesses, and consumers seamlessly and securely. Position Overview As the Head of Cybersecurity Risk...
-
Vendor Risk Management Analyst
2 weeks ago
Columbus, Ohio, United States TEKsystems Full timeJob OverviewTEKsystems is collaborating with a leading Fortune 500 organization seeking a Security Analyst to join their team. This role is ideal for individuals with 2-5 years of IT experience, including a minimum of 2 years focused on Information Security.Key ResponsibilitiesThe primary focus of this position will be to conduct Third-Party Information Risk...
-
Information Security Analyst
2 weeks ago
Columbus, Ohio, United States American Municipal Power, Inc Full timeJob OverviewCompany: AMERICAN MUNICIPAL POWER, INC.Position: Cybersecurity SpecialistReporting To: Manager of Cyber Security & IT Project PortfolioFLSA Status: ExemptRole Summary: The Cybersecurity Specialist plays a crucial role in the design, implementation, and maintenance of the Cyber Security infrastructure at AMP. This includes various systems such as...
