Risk/Compliance Analyst (No C2C or Sponsorship) in Columbus, OH at Vaco

Date Posted: 9/5/2018

Job Description

Looking for an exciting career opportunity as a Risk Analyst? Instead of being another faceless resume, let Vaco advocate for you! Right now, our client is looking to fill a Risk Analyst position. With Vaco, you will have an advantage over your competition! Our recruiters have direct relationships with hiring managers, so they can connect your work experience to the open job, promoting your strengths to the manager while preparing you for that specific interview.

Our recruiters will provide you with great insight about trends in the market - keeping you up to date on compensation expectations, company culture and growth opportunities. If you're an experienced Risk Analyst, and you want to partner with the best, apply today!

Reporting to the Risk and Compliance Manager, this role is responsible for performing risk assessments and third party reviews. Interaction will include all levels of management. The successful candidate will have strong risk experience, proven leadership skills, and strong verbal and written skills. Personal qualities include ongoing independence, professionalism, and objectivity; the candidate should be a respected internal consultant with a high degree of integrity and respect for maintaining confidentiality.


  • Research, collect and analyze data to perform risk analysis.
  • Generate reports and executive summaries of risk assessments.
  • Perform reviews of Third Party Questionnaires to identify risks.
  • Perform onsite audits for the company's critical vendors.
  • Generate reports of Third Party assessments.
  • Assist in IT risk initiatives.


  • BS/BA - Management Information Systems (MIS), Computer Science and/or Accounting, Business Finance.
  • Minimum of 3 years of experience in risk and/or compliance.
  • Professional certification or designations such as CISA, CISM or CISSP.
  • Working knowledge of policies and procedures; governance practices and control frameworks (COBIT, ITIL); and regulatory obligations (SOX and PCI) as they relate to information systems.
  • Working knowledge of information technology general controls concepts in the areas of systems development (including design, implementation and/or assessment toward solutions), change management, computer operations.
  • Understanding of various operating system platforms including Windows 200X, UNIX, etc.
  • Working knowledge of relational database security concepts and platforms, including Oracle, Microsoft SQL Server and DB2.
  • Working knowledge of enterprise network and systems architecture concepts and technologies, including but not limited to enterprise directory, enterprise integration architecture, and identity & access management.
  • Experience with performing risk assessments/evaluations on Third Parties.
  • Experience with risk quantification (e.g., FAIR or other frameworks).