american heart association
sr. cyber risk analystPosted
1 week 1 day ago
To see more jobs like this as they come available
Visit the Career page to search more jobs now
Scroll to the bottom to apply
Job Description
(click to see jobs for roles related to this one)
Sr. Cyber Risk Analyst - Chicago, Illinois
Overview As we celebrate our Centennial year, we invite you to join us in shaping the next century of impact. Be a relentless force for a world of longer, healthier lives as we remain devoted to a future of health and hope for everyone, everywhere. At the American Heart Association, your contribution matters, and so does your career. The
American Heart Association
has an excellent opportunity for a
Sr. Cyber Risk Analyst
in our
National Center
office located in
Dallas, TX (Home-based work available) . The Business Technology (BT) Sr. Cyber Risk Analyst is responsible for risk identification and management across the BT department and the overall American Heart Association organization. This position will support the BT Risk Manager in the management and administration of the Cyber/Risk Management program and Governance Risk and Compliance (GRC) processes and tools. The primary goal of the BT Risk Management team is to protect the confidentiality, integrity, and availability of American Heart Association's data. The Sr. Cyber Security Risk Analyst will partner with all appropriate parties to help ensure risks are managed appropriately to support the BT Risk Management needs of the American Heart Association. Responsibilities Active participation in developing and implementing strategic initiatives for the Cyber Risk Management Program (CRMP). Apply quantitative risk valuation models and tooling to inform and support strategic and tactical risk-based decisions. Enhance Vendor Security Assessment process by collaborating with business and technology stakeholders. Maintain security scorecards and metrics from vendors, corporate functions, and affiliated offices. Communicate technical issues to diverse audiences and have knowledge and/or experience in application and infrastructure security, public cloud. Review and analyze statistics of network events and system performance to locate and recommend remediation and lead strategies for discovered vulnerabilities. Assist and partner with the Affiliates on annual PCI Data Security Certification Process. Act as point of contact to coordinate Technical incident response and support incident response efforts. Conduct post-incident analysis to identify areas for improvement. Assist project teams in implementing security measures to meet corporate security policies and manage risk. Weight business needs against security concerns and articulate issues and options to management. Research and assess new threats and security alerts and recommend remedial action. Ensure proper documentation of technology assessment results and monitor remediation. Create Weekly and Monthly Status Reports, including daily technical task reports and threat management reports. Support the Business Technology Disaster Recovery process. Qualifications Bachelor's degree in Computer Sciences, Computer Engineering, Information Assurance, Information Security, or Risk Management. At least 6 years of experience applying information security controls methods, processes, and risk management best practices in a Global-International forum. Proven experience in successfully implementing PCI DSS framework. Strong technical information security knowledge to assess various information security and risk management processes and tools. Experience with Security Controls frameworks (e.g., CobIT, ISO 27001, NIST, PCI DSS) and knowledge of privacy regulations (e.g., GDPR, CPRA, CPA). Able to work effectively in a fast-paced environment characterized by multi-tasking and conflicting priorities. Strong communication and interpersonal skills, including documentation skills. Information Security Certification(s) preferred, which may include CEH, CISSP, PCI ISA, among others. Compensation
– Expected pay range will be $80,000 - $95,000. Pay is commensurate with experience. Benefits
– We offer a wide array of benefits including medical, dental, vision, disability, and life insurance. Work-Life Harmonization
– The Association offers Paid Time Off (PTO) at a minimum of 16 days per year for new employees. Tuition Assistance
- We support the career development of all employees. The American Heart Association’s 2024 Goal: Every person deserves the opportunity for a full, healthy life. Join our Talent Community! EOE/Protected Veterans/Persons with Disabilities
#J-18808-Ljbffr
Overview As we celebrate our Centennial year, we invite you to join us in shaping the next century of impact. Be a relentless force for a world of longer, healthier lives as we remain devoted to a future of health and hope for everyone, everywhere. At the American Heart Association, your contribution matters, and so does your career. The
American Heart Association
has an excellent opportunity for a
Sr. Cyber Risk Analyst
in our
National Center
office located in
Dallas, TX (Home-based work available) . The Business Technology (BT) Sr. Cyber Risk Analyst is responsible for risk identification and management across the BT department and the overall American Heart Association organization. This position will support the BT Risk Manager in the management and administration of the Cyber/Risk Management program and Governance Risk and Compliance (GRC) processes and tools. The primary goal of the BT Risk Management team is to protect the confidentiality, integrity, and availability of American Heart Association's data. The Sr. Cyber Security Risk Analyst will partner with all appropriate parties to help ensure risks are managed appropriately to support the BT Risk Management needs of the American Heart Association. Responsibilities Active participation in developing and implementing strategic initiatives for the Cyber Risk Management Program (CRMP). Apply quantitative risk valuation models and tooling to inform and support strategic and tactical risk-based decisions. Enhance Vendor Security Assessment process by collaborating with business and technology stakeholders. Maintain security scorecards and metrics from vendors, corporate functions, and affiliated offices. Communicate technical issues to diverse audiences and have knowledge and/or experience in application and infrastructure security, public cloud. Review and analyze statistics of network events and system performance to locate and recommend remediation and lead strategies for discovered vulnerabilities. Assist and partner with the Affiliates on annual PCI Data Security Certification Process. Act as point of contact to coordinate Technical incident response and support incident response efforts. Conduct post-incident analysis to identify areas for improvement. Assist project teams in implementing security measures to meet corporate security policies and manage risk. Weight business needs against security concerns and articulate issues and options to management. Research and assess new threats and security alerts and recommend remedial action. Ensure proper documentation of technology assessment results and monitor remediation. Create Weekly and Monthly Status Reports, including daily technical task reports and threat management reports. Support the Business Technology Disaster Recovery process. Qualifications Bachelor's degree in Computer Sciences, Computer Engineering, Information Assurance, Information Security, or Risk Management. At least 6 years of experience applying information security controls methods, processes, and risk management best practices in a Global-International forum. Proven experience in successfully implementing PCI DSS framework. Strong technical information security knowledge to assess various information security and risk management processes and tools. Experience with Security Controls frameworks (e.g., CobIT, ISO 27001, NIST, PCI DSS) and knowledge of privacy regulations (e.g., GDPR, CPRA, CPA). Able to work effectively in a fast-paced environment characterized by multi-tasking and conflicting priorities. Strong communication and interpersonal skills, including documentation skills. Information Security Certification(s) preferred, which may include CEH, CISSP, PCI ISA, among others. Compensation
– Expected pay range will be $80,000 - $95,000. Pay is commensurate with experience. Benefits
– We offer a wide array of benefits including medical, dental, vision, disability, and life insurance. Work-Life Harmonization
– The Association offers Paid Time Off (PTO) at a minimum of 16 days per year for new employees. Tuition Assistance
- We support the career development of all employees. The American Heart Association’s 2024 Goal: Every person deserves the opportunity for a full, healthy life. Join our Talent Community! EOE/Protected Veterans/Persons with Disabilities
#J-18808-Ljbffr
Use the apply button below to start the application on our partner site.
Apply on employer site
Find more jobs like this using our Career Search Tool.
Need help with your career search including preparing your resume, networking, company research or even figuring out what kind of job you want? Check out our other career resources.
Need help finding more jobs that might be a good fit for your experience?Click here to evaluate your fit across all the roles on our site at once