Senior Information Risk Management Analyst
LTCPartners | Portsmouth, NH
The Senior Information Risk Management Analyst is responsible for developing, analyzing, leading, and coordinating the daily activities needed to support the Information Risk Management Program. Major Job Duties include: Develop and maintain enterprise plans, policies, standards and procedures. Develop, implement, and maintain various enterprise activities supporting the Information Risk Management Program. Lead the PII/PHI Document Inventory and Data Privacy Assessment. Support and coordinate information risk management and security control assessments, penetration tests, and security control compliance audits. Enhance and maintain the enterprise Business Continuity Management Program. Develop, lead, or enhance the Business Impact Analysis Program, the Vendor Business Continuity Program, and the Vendor Security Risk Management Program. Research and investigate new cyber-security threats, mitigation techniques and innovations, as well as information risk management tools and processes. Provide consultation on technical, administrative and physical security controls during all phases of SDLC for enterprise projects.
Required Experience and Skills:
- A minimum of 7 years’ experience in disciplines such as Business Systems Development, Business Analysis, Database Administration, Quality Assurance or Audit.
- A minimum of 5 years’ experience in disciplines such as Information Security Compliance; Business Continuity Planning; Business Impact Analysis; Vendor Management; and, Crisis Communications.
- Current knowledge of government and other regulatory requirements such as FIPS, FISMA, NIST, HIPAA, HITECH, Privacy Act, SOX, GLBA, GDPR, PCI, and State Laws on Cybersecurity.
- Ability to translate business continuity and information risk management requirements into effective policy, standards and procedures for IT and Business; and, coordinate their modification and dissemination to reflect regulatory changes or new compliance issues.
- Professional certifications such as: Certified in Risk and Information System Controls (CRISC), Certified Information Systems Auditor (CISA), Certified Business Continuity Professional (CBCP) and/or Certified Healthcare Continuity Professional (CHPCP), and willingness to complete certifications as required.
- Bachelor’s Degree in Computer Science or related field
- Advanced proficiency in Microsoft software – Access, Excel, Project, PowerPoint and SharePoint.
- Experience preparing and submitting audit and compliance reports to government agencies, governing bodies, legal entities, and external authorities.
- Solid understanding of project and change management principles with experience in managing projects or implementing initiatives across a diverse audience with a sense of urgency; and, successfully addressing multiple projects and competing priorities.
LTC Partners is an equal opportunity employer. Our company is a Vietnam Era Veterans' Readjustment Assistance Act (VEVRAA) federal contractor and committed to hiring veterans.