Information Security Risk Analyst

Job Title: Information Risk Analyst - Information Security

Location: Coppell, TX [OR] Tampa, FL ( Choose Any 1 )

Hybrid: 3 days Onsite & 2 days REMOTE

Duration: 12 Months (CONTRACT TO HIRE)

Skills & Experience Needed:

• 5-10 years of risk assessment experience in one or more areas: application, infrastructure, vendor risk management
• Financial Services Industry experience a plus but not mandate
• Proficiency with Information Risk Management best practices, standards, and frameworks
• Proven knowledge of technical infrastructure, networks, databases and systems and how they affect an organization's cybersecurity risk
• Proven knowledge of security methodologies, policies, standards and best practices
• Proven knowledge of information technology systems, infrastructure and operations
• CISSP/CISM/CRISC certification preferred but not mandate

Description:

The Senior Information Risk Consultant is responsible for performing risk assessments of applications, infrastructure, business and technology vendors against a defined risk framework, when needed as part of Risk Treatment. These assessments will be conducted either through a formalized risk assessment program or through other risk reporting activities (e.g., policy exceptions, risk acceptance). The Senior Information Risk Consultant will have the ability to identify risks in the way that a business and technology utilize information and the supporting technological systems.

Responsibilities:

• Participate in and influence information risk assessment process improvement
• Schedule and perform information risk assessments using our methodology; identify, document and communicate control deficiencies in business processes and technology systems
• Partner with the business and technology to agree cybersecurity risk findings identified through the risk assessment (e.g., vendor, application, infrastructure), new initiatives, and ad-hoc processes
• Provide risk remediation recommendations that the business and technology may implement to mitigate identified control gaps
• Partner with business and IT to ensure that risks are clearly articulated in a manner that is understood by business and technology audiences
• Evaluate management responses to ensure that remediation plans and tasks adequately address identified control gaps
• Document risk issues in the designated risk register
• Assist the business and technology groups through the process for policy exceptions and risk acceptance, and work internally with the Risk Treatment team to address risks and issues efficiently.

Dexian is a leading provider of staffing, IT, and workforce solutions with over 12,000 employees and 70 locations worldwide. As one of the largest IT staffing companies and the 2nd largest minority-owned staffing company in the U.S., Dexian was formed in 2023 through the merger of DISYS and Signature Consultants. Combining the best elements of its core companies, Dexian's platform connects talent, technology, and organizations to produce game-changing results that help everyone achieve their ambitions and goals.

Dexian's brands include Dexian DISYS, Dexian Signature Consultants, Dexian Government Solutions, Dexian Talent Development and Dexian IT Solutions. Visit https://dexian.com/ to learn more.

Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.