Sr. Technology Risk and Compliance Analyst
- Conduct research on industry leading practices for risk governance
- Develop and maintain a Governance Risk and Compliance (GRC) framework that includes identification of applicable risks and threats for the organization, evaluation of risk tolerance levels, and creation of a comprehensive set of information security controls, policies, standards and guidelines.
- Conduct 3 rd party information security due diligence, reviewing vendors’ information security program and controls, and identifying risks for the services being contemplated.
- Work with sourcing, legal and business representatives to incorporate information security requirements into vendor contracts
- Work with client account representatives and sales executives to respond to information security questionnaires and due diligence requests from clients and prospects
- Assist in evaluating and implementing tools to support the GRC function
- Develop and implement a risk management capability to enable the Cybersecurity team to record, track, and report remediation and/or risk acceptance of identified issues from assessments
- Manage the central GRC application repository to ensure it is complete and up-to-date.
- Develop metrics, reports and dashboards for the Cybersecurity Program
- Manage the delivery of IT risk related projects / milestones, completing within timeframe and in line with stakeholder expectations.
- Maintain strong and effective working relationships with all constituent groups involved in risk management throughout the organization, promoting a risk aware culture.
- BA or BS in Information Technology, or related field, or equivalent work experience
- Minimum 5 – 7 years of working experience in Information Security, IT governance, IT risk, IT controls and/or IT compliance
- Knowledge of applicable laws, regulations and frameworks including PCI, SOX, and ISO
- Proficient in MS applications including Excel, Access and PowerPoint
- Strong presentation, verbal and written communication skills
- Effective facilitation and consensus-building skills
- Strong multi-tasking skills and the ability to work in a dynamic environment
- High degree of personal initiative
- Ability to work alone or as part of a team
Dow Jones is a global provider of news and business information, delivering content to consumers and organizations around the world across multiple formats, including print, digital, mobile and live events. Dow Jones has produced unrivaled quality content for more than 125 years and today has one of the world’s largest news gathering operations globally. It produces leading publications and products including the flagship Wall Street Journal, America’s largest newspaper by paid circulation; Factiva, Barron’s, MarketWatch, Financial News, DJX, Dow Jones Risk & Compliance, Dow Jones Newswires, and Dow Jones VentureSource.
Equal Opportunity Employer:
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status. EEO/AA/M/F/Disabled/Vets
Requisition ID 2016-28434
Job Locations USA – NJ-PRINCETON
Job Function IT Development
Business Area TECHNOLOGY – INFO SEC
Job Area1 Technology
Job Area2 ..
Back to top