IT Risk Analyst

IN- PERSON ROLE This position will be provided by Milligan Partners and placed for a public agency client. The candidate will be eligible to be hired by the public agency client following a period of successful performance. TheIT Risk Analystconducts threat analysis to identify threats and cyber security risks to the information systems. TheIT Risk Analystwill help develop their company's cyber security defense strategy and safety protocols and implement firewalls, security software, data encryption, and other security measures. Responsibilities • Perform selected IT Risk Assessments on IT projects and controls • Develops summaries, reports and key risk profiles to identify vulnerabilities and trends to proactively inform the IT stakeholder • Responsible for providing required data for the management reporting and dashboards as part of the risk & controls horizontal function • Work with Infrastructure & Applications Teams to track details on open Audit items • Including a structured statement of the risk, ownership, and progress of work that is being done to ensure the critical and major items are closed out correctly within the agreed timelines • Works closely with the IT infrastructure/application teams in executing the risk, audit & controls strategy • Provides other functions deemed necessary and applicable by executive leadership Experience Required • 4+ yearsof experience in IT Security. • Knowledge of Governance, Risk and Compliance frameworks (COSO, COBIT etc) • Comfortable interfacing with cross functional teams on projects leading the planning and execution of projects • Experience identifying key risks and controls, recommending improved controls, performing controls readiness projects and identifying and assessing configuration of controls in financial reporting related business processes • Working knowledge of security products such as RACF • Exposure to server and database administration principles and practices Education • Associate or bachelor’s degree in Cybersecurity, IT Management or one of the following required: Computer Science, Computer Engineering, Information Technology. • Professional Security Certifications such as, GIAC, CISSP, CISM, CompTIA Sec+, CompTIA CySA+, CCNA-Security, SSCP, GSEC, and CAP, may be substituted for directly related work experience. Job Type: Full-time Pay: $65,000.00 - $95,000.00 per year Benefits: • 401(k) • Dental insurance • Health insurance • Paid time off • Vision insurance Application Question(s): • Have you supported a PCI DSS 4.0 audit before? • Have you supported a SOC 1 Type 2 audit before? • Have you supported a SOC 2 Type 2 audit before? Work Location: In person