Senior Risk Analyst - Technology& Cybersecurity Risk @ Guardian
: Job Details :

Senior Risk Analyst - Technology & Cybersecurity RiskGuardianWe provide life insurance, disability insurance, dental insurance, and other benefits that help protect people and inspire their well-being.The Senior Risk Analyst - Technology & Cybersecurity Risk will be responsible for assessing comprehensive and complex IT risks for the Technology organization. The role will look at people, process and technology to understand key risk areas, work with partners to manage mitigation roadmaps and projects.This leader, reporting to the Technology & Cyber Risk Officer, will work with key stakeholders including process and control owners in IT and cybersecurity teams. They will also coordinate with other functional areas such as Business Resiliency, Third Party and Compliance.You are:A strong leader who is action-oriented, detail-oriented and quality-focused.A leader with good interpersonal skills to engage and motivate.An out of the box thinker who can influence teams on IT Risk mitigations.An individual who understands concepts of risk management, control objectives, control design principles and can apply these concepts to the processes and technologies at hand.A lifelong learner  of new concepts and technical capabilities and can apply control objectives to them.An individual with knowledge of control test design, test execution and sampling methodology.An individual who can identify gaps in the risk processes and take a risk-based approach on coverage.An individual with broad knowledge of technology and technical concepts.A leader who can coordinate with stakeholders including middle management in IT, audit and external auditors.Manage budget and resources. Identify improvement opportunities and execute them - delivering on-time, on-scope and on-budget.You have:5+ years experience in the Technology and Cybersecurity risk management space.A background in IT risk or IT audit.A CISA, CISM or other relevant certifications (a plus).A college degree or significant coursework in technology, science/math, audit or technical/analytical areas.Strong understanding of technologies (databases, operating systems (Windows, Unix, Mainframe), applications, cloud) and associated controls.An understanding and application of frameworks including NIST Cybersecurity Framework, ISO 27001-4, etc.Experience in working with auditors and regulators.The ability to quickly learn and apply control concepts to new technologies.The ability to effectively convey status, issues, exceptions and risks to management (both oral and written).Experience operating in a shared service across multi-line organization.Experience working in a model with 3-lines of defense.Experience in executing projects on-time, on-scope, on-budget.Ability to build strong peer relationships both within and outside the organization.You will:Analyze technology risks to the organization and assess gaps.Work with stakeholders to understand potential solutions and define roadmaps to execute on the mitigations.Closely work with stakeholders to understand limitations and roadblocks; and take a risk-based approach to mitigation.Provide guidance/consulting on effectiveness on control design.Identify needs for new policies, processes, controls standards based on findings.Engage as appropriate in the SDLC to help design new controls.LocationTwo days a week at a Guardian Location in New York, NY, Holmdel, NJ or Bethlehem, PA.Salary Range$116,350.00 - $191,155.00The salary range reflected above is a good faith estimate of base pay for the primary location of the position. The salary for this position ultimately will be determined based on the education, experience, knowledge, and abilities of the successful candidate. In addition to salary, this role may also be eligible for annual, sales, or other incentive compensation.#J-18808-Ljbffr