Open Position – Risk Analyst

Job Functions

  • Develop Risk Assessment templates, report formats, boilerplate language, process documentation
  • Develop or update existing tools to improve performance of Risk Assessments and integrate with future IT GRC systems
  • Interview project/system owners, technical leadership and project team members to identify compliance gaps against client policies and standards, regulatory and contractual obligations (PCI-DSS, Red Flags, and others)
  • Develop threat models using Microsoft STRIDE methodology and tools
  • Complete Risk Assessments against existing and new systems and applications
  • Low to moderate travel required
  • Prefer Atlanta, GA based
  • Work from home possible

Required Skills and Qualifications

  • 5 or more years of information security or compliance experience
  • Prior experience performing technology/information security risk assessments
  • Understands and can use the Microsoft STRIDE Threat Modeling methodology
  • Strong information technology background
  • Good understanding of Internet technologies, networking, Windows and Unix/Linux, web application development and related technologies
  • Strong interviewing and audit skills
  • Excellent written communication skills
  • Low to moderate travel required
  • Native English speaker