Operational Risk Analyst -Security Governance Risk Issues Management

NAVA Software solutions is looking for an Operational Risk Analyst Security Governance & Risk Issues Management

Details:

Operational Risk Analyst Security Governance & Risk Issues Management

Location: Merrifield VA Hybrid

Duration: 12 months

Basic Purpose

This role is specifically designated as an Operational Risk Management (ORM) role for Issue Management. The Contractor Analyst will be experienced in risk management issue management risk and control selfassessments (RCSA) and have an understanding of security standards and familiarity with risk and compliance (GRC) tool operations. The Analyst will understand how the ORM framework applies to the business and be able to articulate the need for issue management. The Contractor Analyst will be responsible for supporting the daily operations of issue management and partnering with groups across security IT and business risk teams. A successful candidate will be required to research issues support the business in ensuring issues are captured timely ensure issues are correctly risk assessed and remediation plans are documented and align to the underlying root cause.

Responsibilities

• Attend meetings with stakeholders within security IT and across the credit union to assess and encourage the need for submitting issues impacting information security.
• Aid in the development of remediation plans.
• Facilitate root cause analysis
• Assess the impact and likelihood of an issue and provide justification for the ratings
• Leverage various communication channels to obtain required information.
• Work within the Logic Manager (GRC) platform
• Support metrics and reporting focused on issues and event processes.
• Aid business partners in understanding the importance of issue management.
• Keep current with Information Security best practices and industry trends and communicate/apply these practices to policy improvements and compliance actions.
• Perform other duties as assigned

Qualifications

• Experience in the credit union/financial services industry with a focus on regulatory frameworks information security assessments and remediation activities
• Experience managing issues from identification to remediation
• IT Audit or first line IT or security risk experience a plus
• Desired knowledge of NCUA FFIEC BSA/AML NIST (including the Cyber Security Framework and 800 Series)
• Effective planning and organizational skills
• Effective research analytical and problem solving skills
• Strong verbal written and interpersonal communication skills including technical writing
• Desired Bachelor Degree in business information systems or related field or equivalent work/military experience
• Ability to present findings and conclusions clearly and concisely
• Experience in working with all levels of staff management stakeholders and third parties
• Ability to build effective relationships through rapport trust diplomacy and tact
• Strong word processing and spreadsheet software skills