Gov Risk & IT Compl Analyst Sr Position Available In Fulton, Georgia

This position coordinates activities for the creation, implementation, and execution of strategies and programs designed to reduce and mitigate information security risk across the enterprise. The role supports enterprise-wide information security and assurance function, ensuring that confidentiality, integrity, and availability requirements of information systems and assets are identified and managed appropriately. Responsible for identifying risks through a practical but comprehensive evaluation process. Responsible for improving the content, quality and timing of governance, risk and compliance analysis and reporting. Responsible for implementation of a proactive approach to risk management. Accountable to control the growth of governance, risk, and compliance-related expenses. Responsible to direct and establish a timely and consistent approach to assess and improve compliance programs across the business. Responsible for establishing an enterprise-wide view of gaps and improve risk response strategies. Responsible for streamlining compliance programs across the enterprise to gain efficiencies and improve effectiveness. Responsible for establishing consistent policies and standards across the enterprise to enforce ownership and accountability. Leverages technology to aggregate controls, risk, and compliance information to rapidly identify and report exceptions. Responsible for conducting Operational Risk Assessments and Compliance Reviews. Responsible for conducting and directing ERM assessments. Conducts business unit self-assessments and reporting package development. Leads and directs engagements involving Operational Risk and ERM, emphasizing assisting businesses with the assessment and improvement of their risk management processes and program. Directs businesses with understanding regulatory compliance requirements and developing solutions to meet these requirements. Provides vision, leadership, planning, project coordination and management for the development of a cost-effective department while concurrently facilitating efficient operations to meet current and future business needs within the organization. Responsible for strategy, operations, and management in several functional areas to have a broad understanding of risk and compliance management. Represents company in community and industry, programs, and conferences. Upon request, functions as the department head in the absence of the executive leader. Participates in the development of programs as a strategic partner that supports the company plan. Participates in development of annual departmental budget, monitor budget, and identify budget discrepancies. Research cause and make recommendations. Responsible for balancing workload to optimize the effectiveness of the department.

EDUCATION

Bachelor’s degree in computer science or related field. Relevant combination of education and experience may be considered in lieu of degree. Continuous learning, as defined by the Company’s learning philosophy, is required. Certification or progress toward certification is required.

EXPERIENCE

Seven years of experience leading information risk, security, and governance teams, transforming functions and changing culture. Experience with leading the response to incidents, crises, and investigations with sensitivity, tenacity, and a focus on detail. Extensive experience in information security architecture, consultative stakeholder management, and strategic planning. Experience with classified networks, information classification, and confidentiality requirements associated with high security environments. Two years demonstrated leadership in information security program management required. HITRUST experience preferred.

QUALIFICATIONS

Ability to perform the following as it relates to Governance, Risk Management, and Compliance strategy, organization, policy, and governance: program evaluation, risk assessment, controls identification and testing, state/federal regulatory audits, industry specific regulatory compliance (e.g., PCI, HIPAA, HiTrust etc.). Ability to utilize industry standards and best practices to assess, advise, design, and/or recommend complex, enterprise-wide, regulatory compliance, risk management, and/or internal audit organization structures, policies and procedures, methodologies, toolkits, and templates. Ability to identify and address client needs: actively participating in client discussions and meetings; managing engagements including preparing concise, accurate documents and balancing project management with the occurrence of unanticipated issues. Understanding of the enterprise information security architecture discipline, processes, concepts, and best practices. Demonstrated consultative approach to driving change and deploying controls. Knowledge of technological trends and developments in information security and risk management. Knowledge of information security and risk control frameworks as well as business continuity and IT disaster recovery frameworks. Ability to quickly grasp how new technologies work and how they might be applied to achieve business goals. Demonstrated ability to work effectively with a team, delivering high performance and customer satisfaction, in a culturally diverse, matrix management environment. Strong facilitation skills and a clear ability to build strong relationships with business stakeholders at all levels, including executive managers and vendors. Strong, proven problem-solving skills and the ability to identify, analyze, and resolve problems, driving solutions through to completion. Ability to work with and empower others on a collaborative basis to ensure success of unit team. Ability to effectively exchange information, in verbal or written form, by sharing ideas, reporting facts and other information, responding to questions, and employing active listening techniques. Ability to effectively present budgetary and/or cost information and respond to questions.

WORKING CONDITIONS

Work is performed in an office setting with no unusual hazards. Some travel is required.

PAY RANGE

Actual compensation decision relies on the consideration of internal equity, candidate’s skills and professional experience, geographic location, market and other potential factors. It is not standard practice for an offer to be at or near the top of the range, and therefore a reasonable estimate for this role is between $80,900 and $211,900 #AFG #AF-AD1