Are you interested in working with a company that delivers exceptional client service, acts with integrity and responsibility, and supports the growth of its employees? Our client is just that organization. They are at the top of the insurance industry, and they may be looking for you!
Our client is seeking an Information Security Analyst to join them directly.
Autistic and neurodivergent candidates are highly encouraged to apply.
Direct-hire salaried role with the client, working remotely.
The Information Security Analyst will perform third-party vendor security risk assessments, analyzing the security posture of our vendor relationships to ensure they align with Farmers’ security controls. Analysts will be introduced to a risk-based methodology that will enable them to identify a broad range of cybersecurity and data privacy risks among the organization’s suppliers and vendors. Analysts will develop skills to identify and advise on security countermeasures and controls; learn best practices; learn to perform complex security risk assessments; build knowledge of corporate security policies; and learn to recognize security violations. Analysts will play a critical role in managing Farmers’ data security risks.
Essential Job Functions
· Manage the end-to-end lifecycle for a portfolio of vendor security risk assessments, each with different priorities, requirements, start dates, and deadlines.
· Lead interviews with vendor representatives and Farmers stakeholders to validate the scope of the vendor’s services and the impact on the security and privacy of Farmers’ data.
· Demonstrate flexibility by employing adaptive lines of inquiry during interviews to capture the nuance and unique characteristics of each vendor relationship.
· For each assessment, review a wide range of vendor questionnaire responses, scrutinize findings and gaps, and summarize the overall risk of the vendor engagement.
· Develop competencies to identify security risks across various security domains, such as cybersecurity, application security, physical security, secure software development lifecycle, cryptography, access controls, network security, governance, and compliance.
· Generate conclusion reports for each assessment, complete with highlighted gaps, vendor remediation plans, compensating controls, and an overall conclusion on whether to proceed with the engagement.
· Throughout the lifecycle of each assessment, ensure all Farmers stakeholders, such as requestors, contract managers, and project managers, receive consistent and clear status updates.
· Track post-assessment gap remediation by the vendor.
· Learn to effectively communicate data security risks to both IT and business stakeholders, and master tailoring messaging to both technical and non-technical audiences.
· Demonstrate ownership of assigned projects from initiation to completion by employing precision, analytical skills, and strong attention to detail.
· Perform other duties as assigned.
Sits or stands for extended periods of time, up to a full work shift. Occasionally reaches overhead and below the knees, including bending, twisting, pulling, and stooping. Occasionally moves, lifts, carries, and places objects and supplies weighing 0-10 pounds without assistance. Listens to, interprets, and differentiates auditory information (e.g., others speaking) at normal speaking levels with or without correction. Visually verifies and reads information. Visually locates material, resources, and other objects. Ability to continuously operate a computer for extended periods of time, up to a full work shift. Physical dexterity sufficient to use hands, arms, and shoulders repetitively to operate keyboard and other office equipment up to a full work shift.
This position operates in an open office working environment which will include normal and customary distractions, noise, and interruptions.
High school diploma or equivalent required. Bachelor's degree in Information Systems or related discipline preferred.
· 1 - 3 years of experience in IT Security or Information Security Risk consulting, or comparable base of knowledge/expertise in the field.
· Familiarity with governance and controls frameworks, such as COBIT, COSO, ITIL, NIST, and ISO preferred.
· Experience in documenting procedures, reports, presentations, agendas, and meeting minutes.
· Familiarity with assessing IT or security risk in an enterprise-level environment.
· Time management, project management, presentation, and organizational skills.
· PC skills and hands-on experience building tools and presentations with Microsoft Word, Excel, PowerPoint, Project, and Access.
Job Location(s): Remote
“It is the policy of Rangam Consultants, Inc. to provide equal employment opportunities to all applicants and employees without regard to any legally protected status such as race, color, religion, gender, national origin, age, disability, or veteran status.”