Sr. Technology Risk Analyst in Boston, MA

Join a team of world class technologists who audit the cutting-edge technology development initiatives for a global blue chip financial firm. These professionals go far beyond security audits to make their environments safe from attack: they audit architectures, workflows, project management, and business processes to mitigate against risks of all kinds.

The Technical Security Risk Analyst is responsible for coordinating, managing and controlling assigned audit, client and risk projects. In addition, the Technical Security Risk Analyst is responsible for assisting management with the development, implementation and execution of appropriate management action plans to address and resolve any noted control issues during the project. Also, the Technical Security Risk Analyst is responsible for tracking and reporting the resolution status of any control issues on a monthly basis.

This position reports to the Vice President, Technology Audit Services.
Requirements

Bachelor's degree preferred

4+ years experience related to information security, technology audit or risk management
Thorough understanding of information security concepts and methodology
Thorough understanding of the software development process including analysis, design, coding, system and user testing, problem resolution and planning
Ability to analyze technology risks (security, availability, capability, efficiency and integrity) and provide recommendations to enhance the control procedures
Ability to interact with cross-functional teams in a dynamically changing, customer-based record keeping environment
Demonstrate leadership skills such as the ability to get things done; taking initiative to identify service enhancements or process improvements; demonstrates confidence in building a case with a successful outcome; and proven ability and success in identifying issue(s), identifying solution(s) and determining and acting on the best solution.
Demonstrate and practice strong and effective written and oral communication skills.
Provide assistance to analyze complex problems and develop creative solutions.
Plan, organize and lead meetings at the tactical level.
Project management skills; have the ability to initiate and maintain overall accountability for risk and control-specific initiatives and projects




Experience: Relevant skills/experience


A minimum of two years of experience in conducting IT audits using tools such as Qualys, Appscan, Spi Dynamics, and open source security toolsets;
Strong subject matter expertise in computer operations and/or computer application development is necessary;
In-depth knowledge of operating systems, networks and programming languages, application servers and database technology is desirable.
Industry certifications like CISSP, GSEC, CSIM, GIAC, CISA (or similar) is desirable, although not a requirement.
Familiarity with regulatory guidelines such as Sarbanes Oxley and SAS70.
Demonstrated experience in managing projects, staff and consultants.
Writing and documentation skills are a must.


To Apply to this job go to http://www.GadBall.com or click here