1-3 years of experience
Concerned about your lack of experience? Learn More...
Employment Type:
Full time
Job Category:
Information Services
IT Risk Analyst
(This job is no longer available)
Grad Date

Not sure what types of jobs you are interested in?

Explore Jobs
Based on Your Education

Follow This Company

Job Description

IT Risk Analyst
Lake Forest, IL

Individual is responsible to participate in the development and execution of operational IT risk and compliance management strategies, monitor compliance to policies, procedures and standards that aid the organization in protecting the Company brand.

Assist in the development and execution of the Company Global Enterprise Information Security Risk and Compliance strategy and best practices. In particular, active participation in the development and implementation of risk assessment and compliance strategies for international business units.

Actively engage with a diverse group of stakeholders that include EPS, TIS and application teams, contract, records management, legal, human resources and business functions of US and international business units to:

Increase awareness of information security risk and compliance obligations. Communicate and clarify the intent behind the existing security policies and procedures. Provide consultation on Information security risks and best practices.

Assist in analysing new and existing projects and initiatives to assess impact on existing security posture and compliance obligations while suggesting appropriate mitigation strategies to stakeholders for key compliance and security risks.

Review contracts with new and existing vendors and service providers to ensure that adequate contractual protections from information security risks are included.

Actively participate in projects to identify, prioritize, track and report the information security risks and related metrics related to Company US and international business units.

Follow up and monitors the status of technology risk and compliance obligations based on assessment results and information from various monitoring and control systems.

Review existing policies and procedures and works with management to keep them updated.

Track compliance to policy, standards, processes and procedures to assess, monitor, report, escalate and remediate IT risk and compliance related obligations.

Communicate unresolved or suspected security exposures, misuse, or noncompliance situations to management.

Coordinate and monitor regulatory and risk management activities across IT functional areas, such as the development and maintenance of regulatory documentation (eg, Sarbanes-Oxley Act compliance and PCI).

Coordinate with the Internal Audit department on execution and follow-up of audits that relate to the Enterprise Security function.

Maintain reliable, up-to-date, information from the government and across the industry regarding identification of new threats and vulnerabilities.

Participate in due diligence and special review(s) work as required by management.

Position Requirements

Experience in design and development of policies, procedures and best practices for information security and privacy.

Ability to address and/or escalate suspected security exposures, misuse, or noncompliance with Company Security policies and compliance requirements including Sarbanes-Oxley (SOX) and PCI-DSS.

Ability to communicate issues of non-compliance to management and recommend modifications as necessary.

Bachelor's degree in Information Systems or related degree, or equivalent job experience.

2+ years of experience or training in systems Security fundamentals

Audit experience helpful but not required

Ability to cooperatively and effectively prioritize and execute tasks in a complex environment

Ability to quickly learn, become competent in, and effectively apply new skills

Understand dependencies between business processes, technical systems and compliance regimes.

Knowledge and ability to teach/mentor an intern.

Able to communicate cross functionally between technical and business partners

Highly self-motivated

Strong attention to detail

Good written and verbal communication skills.

Good presentation skills.


Applicants must be eligible to work in the specified location