LaSalle Network has partnered with a client seeking a Senior Governance Analyst to leverage advanced skills to help protect the organization from the activities of cyber criminals, such as hackers and developers of malicious software.
This position will work closely with Threat & Vulnerability teams as well as the Security Incident Response team to help identify and mitigate security risks. There are several areas of work that help assess and document these risks, including adherence to standards and any exceptions to them, as well as the assessment of vendors. This position will also help internal groups as they seek to implement solutions to business needs within the structure of security standards, identifying where they would be challenged and how to apply controls to these areas. This position will also assess the risk of existing and potential new business partners that the company is engaging by reviewing the relevant security policies and practices of those vendors.
Senior Governance Analyst Responsibilities:
- Interface with IT and Business units where clarification of security standards is required
- Evaluate requests for variance from standards, including identification of risks and suitable compensating controls
- Follow up on expiring requests, and report on outstanding requests
- Identify prospective vendors and partners which may require security assessment
- Interface with business partners considering a potential partner to identify relevant usage characteristics
- Request security assessment information from prospective vendors and evaluate results and evidence submitted to gauge risks involved
- Prepare assessment reports to inform business partners of overall risk presented by the prospective partners and suggest any needed controls
- Other projects or duties as assigned
Senior Governance Analyst Requirements:
- Bachelor’s degree in engineering, computer science, or other IT related field and 2+ years of experience working in a security risk assessment or security-focused compliance role OR high school diploma and 5+ years of experience working in a security role involving risk assessment and security compliance/testing
- 2+ years of experience writing, communicating or interpreting security standards with an ability to determine applicability of standards to engineering projects, and the insight to identify gaps in standards coverage
- 2+ years of experience in evaluating, negotiating and managing information security risks and/or exceptions and associated processes
- 2+ years of experience with assessment tools such as SIG, VSA and CAIQ
- 2+ years of experience with risk assessment methodology such as CIS-RAM
- Ability to interface with a wide range of roles in technical and business capacities
Thank you,
Josh Novekoff
Recruiting Lead
LaSalle Network
#LI-DNP
LaSalle Network is an Equal Opportunity Employer m/f/d/v.
LaSalle Network is the leading provider of direct hire and temporary staffing services. For over two decades, LaSalle has helped organizations hire faster and connect top talent with opportunities, from entry-level positions to the C-suite. With units specializing in Accounting and Finance, Administrative, Marketing, Technology, Supply chain, Healthcare Revenue Cycle, Call Center, Human Resources and Executive Search. LaSalle offers staffing and recruiting solutions to companies of all sizes and across all industries. LaSalle Network is the premier staffing and recruiting firm, earning over 100 culture, revenue and industry-based awards from major publications and having its company experts regularly contribute insights on retention strategies, hiring trends and hiring challenges, and more to national news outlets.
