Information Security Risk Management Analyst

Responsibilities (includes but is not limited to):

• Develop and execute methods to monitor and measure risk, compliance, and assurance efforts.
• Develop and execute specifications to ensure risk, compliance, and assurance efforts conform with security, resilience, and dependability requirements at the software application, system, and network environment level, at a minimum.
• Develop, foster, and maintain a cohesive partnership with management, risk management team members, and relevant stakeholders throughout the organization.
• Assess the effectiveness of security controls.
• Evaluate organizational policies, business processes, and internal controls to identify gaps and risks.
• Assist in analyzing root causes of control inefficiencies and recommend corrective actions.
• Review security assessment findings and prepare formal reports with recommendations.
• Advise management on critical risks and threats that may affect the organization.
• Assist management with educating and providing awareness related to the risk management program to relevant stakeholders.
• Keep up to date on the latest security threats, laws, regulations, policies, and industry best practices.

Knowledge (includes but is not limited to):

• In-depth knowledge of risk management methodologies.
• In-depth knowledge in information security best practicesand frameworks, including (but not limited to)NIST Special Publications and Cyber Security Framework, CIS Controls, ISO/IEC 27000 series, and OWASPTop 10.
• General knowledge of audit and compliance methodologies.
• General knowledge in laws and regulations related to information security and relevant to the organization,such as General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).

Requirements and Skills (includes but is not limited to):

• Either a bachelor's degree in an Information Security, Computer Information Systems, Information Technology, or Risk Management discipline or at least4yearsof experience in InfoSec Risk Management.
  • Relevant InfoSec certifications are preferred.
• Strong attention to detail, analytical, and statistical skills.
• Excellent verbal and written communication skills. Able to communicate persuasively and influence others.
• Demonstrate professional skepticism to ensure evidence is sufficient when assessing the relevant information security controls.
• Demonstrate an understanding of business processes, internal risk management strategies, IT controls, and how they interact together.
• Demonstrate proficiency in process formulation and improvement.

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:

• Health and Wellbeing: Heath, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
• Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
• Paid Time Off: PTO & Holidays, Parental Leave, Sick Leave, Military Leave, Bereavement
• Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program

Diversity, Equity, and Inclusion is more than a commitment at WWT - it is the foundation of what we do. Through diverse networks and pipelines, we have a clear vision: to create a Great Place to Work for All. We believe inclusion includes U. Be who U are at WWT!

Equal Opportunity Employer Minorities/Women/Veterans/Individuals with Disabilities

Why WWT?

Fueled by creativity and ideation, WWT strives to accelerate our growth and nurture future innovation. From our world class culture to our generous benefits, to developing cutting edge technology solutions, WWT constantly works towards its mission of creating a profitable growth company that is a great place to work. We encourage our employees to embrace collaboration, get creative and think outside the box when it comes to delivering some of the most advanced technology solutions for our customers.

At a glance, WWT was founded in 1990 in St. Louis, Missouri. We employ over 9,000 individuals and closed over $17 Billion in revenue. We have an inclusive culture and believe our core values are the key to company and employee success. WWT is proud to announce that it has been named on the FORTUNE "100 Best Places to Work For” list for the 12th consecutive year!

Want to work with highly motivated individuals that come together to form high performance team? Come join WWT today! We are looking for a Risk Management Analyst to join our team within Information Security (InfoSec): Governance, Risk, and Compliance (GRC).

General Summary of Position:

The Risk Management Analyst position is critical for protecting organizational assets by ensuring compliance with internal policies and standards, contractual agreements, relevant legal and regulatory requirements, and recommending improvements to strengthen the organization's internal control structure.

The Risk Management Analyst develops and executes scheduled security assessments to validate security controls are implemented to protect the confidentiality, integrity, and availability of WWT information, and serves as a consultant within InfoSec, other internal departments, and the procurement of products and services.