Information Security Analyst-Risk/Awareness
At COUNTRY Financial, our Governance, Risk and Compliance team has an open position for an Information Security Analyst. This position will help safeguard the organization’s information through the performance of risk assessments, influence on policy and standards and contribution to security awareness. In this role your skills, experience and knowledge of information security will help the organization ensure vendors, applications and organizational changes occur within the boundaries of the organization’s risk tolerance.
This role participates in projects and risk assessments as a security consultant or advisor on risk, helps in raising awareness across the organization’s employees and identifies changes to our governance program to ensure alignment between actions and policy. Staying current with industry specific security trends and changes in regulations and providing detail to project teams regarding security requirements. Creates and presents risk reports, policies, results and deliverables.
- Influencing, strengthening and administering security awareness in the organization.
- Structuring awareness program based on influence from NIST 800-50
- Identifying changes to the Information Security Program based on changes to the threat landscape and in solutions and controls to safeguard against risk.
- Possesses a holistic view of an Information Security Program and the role of key components to ensure protection of information.
- Exposure to industry standard Risk Assessment approaches such as NIST 800-30.
- Ability to drive assessments through interviews and relationships to understand and quantify appropriate risks.
- Participates in projects and assessments on risk determination for vendors, systems, applications and controls.
- Ability to identify, quantify and communicate risk to customers with a wide variety of backgrounds (technical and business).
- Knowledge of pertinent regulations to understand drivers for controls and adherence to program. Specific regulations and security standard knowledge for GLBA, PCI, HIPAA, FFIEC.
- Bachelor’s degree and at least 5 years of experience in information technology OR,
- Master’s degree and at least 3 years of experience in information technology OR,
- At least 7 years of experience in information technology.
- Industry relevant certifications such as CISSP, CRISC, CISA, CGEIT, Security .
- Effective communication skills enabling communication of complex information to various audiences both verbally and in writing.
- Ability to establish trust with partners through demonstration of knowledge and commitment to security.
- Understanding of the role of the Information security Program in the security of an organization’s.
- Strong knowledge and understanding of the role of technical, administrative and physical controls in securing information
- Confidence to recommend changes and improvements to the security program.
- Ability to manage multiple projects and engagements simultaneously.
Meet Some of COUNTRY Financial's Employees
Judy often feels more like a counselor than a financial advisor because she’s so close to the everyday happenings of her clients, guiding them to make smarter financial decisions.
Back to top