Information Security Risk Analyst

Information Security Risk Analyst - Long Term Contract - Atlanta/Burbank/NYCInspyr Solutions is seeking an Information Security Analyst for one of our premier entertainment clients based near Atlanta, GA/Burbank, CA/New York, NY. If you or somebody you know is interested, please send your resume to Daniel. Position Overview: The Information Security Risk Analyst will support the Risk Management Team in managing identified security risks to the organization.They will operate the company risk management program, and work with subject matter experts to evaluate security risks and provide guidance on appropriate risk mitigation activities with limited oversight.The Analyst will proactively build and maintain relationships with business and technical stakeholders, by helping them address any security risk inquiries and concerns.Responsibilities:

• Collaborate with business and technical stakeholders to identify, assess, and track remediation of potential information security risks to the company and its operations
• Liaise with GICS technical resources to identify and evaluate mitigating factors and remediation plans for addressing security risks to the organization
• Operate and maintain information security risk management processes using company tools and technologies
• Build and maintain internal relationships to ensure alignment and partnership with key stakeholders globally across
• Support development and maintenance of the company-wide information security risk register
• Route information security risk and compliance inquiries to relevant GICS technical resources
• Execute scheduled and ad-hoc information security risk assessments of company initiatives, products and departments against corporate policies and security best practices
• Evaluate the design effectiveness of technical security controls to address known risks and non-compliances

• Bachelor's degree or above required, ideally in Information Systems, Cyber Security, or a related discipline
• 3 or more years of experience in designing, implementing, and assessing information security and compliance programs required
• Ability to build and maintain relationships with a diverse range of stakeholders globally required
• Ability to clearly and concisely communicate technical security topics to non-technical audiences and senior executives required
• Ability to associate technical security issues to business objectives and operational impacts required
• Ability to evaluate design effectiveness of technical security controls required
• Familiarity with secure development principles for operating systems, databases, applications and network infrastructure required
• Familiarity with common Information Security frameworks and Regulatory standards such as NIST, ISO27001, SOX, SOC 2 reporting, PCI, HIPAA or FAIR preferred
• Familiarity with secure cloud configuration principles for AWS, Azure or Google Cloud environments preferred
• Familiarity with vendor security assessment techniques an advantage
• Familiarity with vulnerability management techniques an advantage
• Familiarity with common Privacy regulations such as GDPR and CCPA preferred
• Familiarity with implementing and utilizing GRC tools an advantage
• Familiarity with secure application development practices an advantage
• Familiarity with common encryption technologies an advantage
• Familiarity with firewall technologies such as Palo Alto an advantage
• Familiarity with production and broadcast environments an advantage