Lead Information Risk Analyst

» Lead Information Risk Analyst
Finance & Accounting
in Rancho Cordova
, CA
Reference: 19-03225

Position Purpose:

  • Lead the design, implement and monitor IT controls for core applications and systems
  • Analyze IT data to assess risk and improve processes and efficiency
  • Oversee the design, execution, and assessment of IT (NIST, ISO, PCI, GDPR, etc.) controls for core applications and systems
  • Design, monitor and evaluate controls for effectiveness and efficiency to mitigate areas of risks
  • Prepare and document standard procedures and protocols
  • Assess application risks, system risks and data processes within IT and address risks with applicable general controls and recommend solutions
  • Review and prepare scheduled audit reports from both internal and external requests
  • Design application and system level controls in adherence to best auditing and security practices
  • Complete optimization reviews and prepare audit reports associated with the completion of scheduled audits
  • Identify key controls and coordinate appropriate measurement efforts for process improvement
  • Serve as primary liaison between auditing bodies, IT Security Management, compliance and Business Stakeholders
  • Lead and assist others with designing the IT environment to conform to relevant industry standards, such as NIST 800-53, ISO 27001, HIPAA, Sarbanes-Oxley, PCI-DSS, GDPR and other regulatory requirements
  • Lead and assist others with implementation of department strategy, governance and compliance of related information systems and technology architecture
  • Educate and train employees in the fundamentals of IT Audit Management
  • Establish new or improved methods design patterns and standards to solve complex problems
  • Provide subject matter expertise, support and guidance to project team members
  • Lead and direct the work of team members

Education/Experience:

  • Bachelor’s degree in IT, MIS, Accounting, Finance, Business Administration, related field or equivalent experience
  • 6+ years of combined auditing and IT controls design experience
  • Knowledge of IT systems and processes and experience evaluating internal technical control systems required

Licenses/Certifications: 

  • CISA, CISSP, MS SQL Server, CPA, CIA, or PMP preferred