Experience:
5+ years of experience
Concerned about your lack of experience? Learn More...
Employment Type:
Full time
Posted:
2/10/2016
Job Category:
Information Services
Risk Management Analyst Job
(This job is no longer available)
DSW | Columbus, OH
loading
loading
School
Major
Grad Date
 
 

Not sure what types of jobs you are interested in?


Explore Jobs
Based on Your Education

Follow This Company
Share

Job Description

Req #: 54081 
Mall/Shopping Center: Home Office, Columbus 
Department: Information Technology 

 

At DSW, we believe in the power of shoes. We understand shoes bring out something great from within, and since 1991 we've been helping everyone feel the rush of finding that perfect pair. So when you work for DSW, you become a part of all that. A family whose core values are comprised of passion, accountability, collaboration, and humility. You become one of us, You become a Shoe Lover!

 

 

The Risk Management Analyst:

  • Execution of Security Testing methodology
    • Testing of IT controls, specifically assigned to IT and business projects
    • Testing of IT controls within the CIS Critical Security Controls framework, aligned to DSW strategies
  • Development and support of risk management (information security and compliance) processes and initiatives
  • Expanding the scope of the existing IT Control framework
  • Audit Program  support:  Payment Card Industry (PCI), Sarbanes-Oxley (SOx), and Federal Trade Commission (FTC)

 

The role will support the direction of DSW IT Compliance and IT Security enterprise governance and strategies. This role reports to the Senior Manager, IT Security & Compliance and has no direct reports.

 

Responsibilities

  • Testing of IT controls, specifically assigned to IT and business projects
    • Project engagement, risk assessment,  selection of applicable controls
    • Designing project-specific testing criteria, expected results, and alignment on reporting expectations
  • Testing of IT controls within the CIS framework, aligned to DSW strategies
    • Execution of on-going IT control testing practices aligned with PCI, SOX, PCI, and the DSW Policy Portfolio
    • Ensures appropriate security and compliance considerations and industry-standard best practices are applied to all aspects of the corporate environment
  • Audit program support
    • Collaborate with Internal Audit and external auditors re audit-related questions, evidence gathering
    • General coordination and escalation
  • Development of processes, workflows, and clarifying documentation to support security and compliance-related requirements and policies 
  • Supports team initiatives, manage deliverables and schedules
  • Performs on-going research and strategic planning as related to changes in the regulatory environment
  • Other tasks as defined by management

 

Qualifications

  • 5+ years of IT-related support experience including in-depth knowledge of SOX and PCI auditing processes and requirements
  • Experienced in web application security, ITIL framework,  infrastructure and application architecture
  • Proven success in audit management
  • Proven success in IT process design and implementation
  • Undergraduate degree required
  • Certification preferred:  CISA, CISM, CISSP, ITIL v4 or v3

 

Required Competencies

  • Refined communication skills:  verbal and written
  • Ability to work independently; however,  comfortable sharing roles on a team
  • Analytical thought processes with an ability to clearly communicate those insights
  • Prioritizes tasks and communicates status; recognizes and escalates risk and issues
  • Self-motivated, detail-oriented, organized, strong time management and task prioritization
  • Able to persuade others
  • Completes tasks without management supervision
  • Evaluates data from disparate sources and performs root cause analyses
  • Able to plan and manage large- scale projects within ad-hoc teams

 

DSW believes that all persons are entitled to equal employment opportunities. We do not discriminate against race, color, national origin, religion, sex, age, disability, genetic information, sexual orientation, gender identify or any other protected classification recognized by state or federal laws.