Senior Information Security Risk Analyst

Location: Bethesda, Maryland
Date Posted: 11-09-2018
Position Title: Senior Information Security Risk Analyst
Location: Bethesda, Maryland 20814
Work Status: W2
Position Status: (Full Time, Contract, Contract to Hire)
Compensation: 6 month contract to hire
Position Description:
  • Demonstrate solid knowledge on technology processes within infrastructure, information security, SDLC and Enterprise Service Management utilizing various IT controls frameworks (i.e. COBIT 5)
  • Understand and articulate risks associated with technology processes and IT general controls and identify process and control gaps proactively
  • Liaise across relevant business, technology, and control functions to prioritize risks, challenge technology risk decisions, assumptions and tolerances, and drive appropriate risk response.
  • Contribute to the establishment of metrics and tools to assess and report on inherent risks, control strength and residual risk in a consistent and objective manner.
  • Assist with the development and validation of remediation plans for technology deficiencies by providing effective challenge.
  • Monitor internal and external business, regulatory and technology environment to identify new or emerging risks and verify remediation of issues.
  • Strong oral and written communication skills and ability to work well with others and in a collaborative, complex and fast paced environment.
  • Possesses strong analytical skills
  • Certification: CISSP, CISA, CRISC or equivalent designation
  • Active in the technology industry; equipped with external networking relationships to maintain relevant knowledge of best practices, tactics, strategies and technology.
  • Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals.
Our client is looking for Security Risk Analyst candidates for a position located in Bethesda, MD
Required Education: Bachelor's Degree in Information Systems or related field or an equivalent combination of education and experience
Required Skills:
  • Experience working with Risk, Security or Audit frameworks (i.e., COBIT, COSO, ISO 27001/2, NIST 800-53, AICPA).
  • Strong understanding of technology processes, risks and issues including infrastructure, information security, SDLC and Service Management (knowledge within cloud computing is preferred, specifically AWS.
  • Strong oral and written communication skills and ability to work well with others and in a collaborative, complex and fast paced environment.
  • Capable of identifying, evaluating and mitigating significant risks within an enterprise.
  • Basic knowledge of SOC2 attestation reports.
  • Strong working experience with Microsoft Office Suite and GRC tools.
  • Must have and maintain at least one of the following certification: CISSP, CISA, CRISC or equivalent designation.
  • Ability to document and explain risks and vulnerabilities to both business and technical stakeholders
  • Must have past experience performing vulnerability research and reporting.
About Seneca Resources:
Seneca Resources is client driven provider of strategic Information Technology consulting services and Workforce Solutions to government and industry.  Seneca Resources is a leading IT services provider with offices in, Alabama, Georgia, Pennsylvania, Virginia & Texas that service clients throughout the United States.  The key to our success lies within our strong corporate culture which drives our business.  We challenge our staff through engaging work, and we reward our staff through competitive compensation, extensive professional training, and excellent opportunities for career advancement.  In turn, we look for only the best and brightest to join our team.
We are an Equal Opportunity Employer and value the benefits of diversity in our workplace.
this job portal is powered by CATS