IT Risk Analyst (Cybersecurity)
Fidelity National Financial
- Jacksonville, FL
- Permanent
- Full-time
- Works with and supports the business units and/or business departments in the facilitation of the IT Risk Management (ITRM) framework
- Leads the discussion of IT and security risks with stakeholders and business units
- Manages and participates in ITRM program activities associated with, but not limited to: tracking, completion, and reporting of IT and security risks and remediation plans, oversight of the Application Risk Profile process and remediation plans and reviewing, analyzing, and reporting on risk-related issues
- Facilitates the review and risk evaluation of new or existing information resources or technology related services
- Develops and manages the reporting of various risk and control indicators, such as inherent risk, control effectiveness, residual risk, and overall status
- Supports the development, implementation, and maintenance of risk assessment frameworks
- Preparing status reports and presentations on a timely basis
- Other ITRM duties as assigned
- Bachelor’s Degree in a technology related field or business administration, accounting, finance, or related field or the equivalent combination of education and experience
- Requires 5+ years of experience in IT and security risk management (or similar field)
- Knowledge of IT and Security principles/frameworks such as COBIT, NIST CSF, Cloud Controls Matrix, CIS CSC, ITIL, ISO 27001
- GRC software experience
- Security related certifications such as CISA, CISSP, CISM, CRISC, or Security+
- Experience with BWise/SAI360 GRC
- GRC power user
- Familiar with the SOC2 process and controls
- Familiar with Unified Compliance Framework and/or similar IT/Security Frameworks
- Ability to prepare presentations, status reports, process narratives and workflow diagrams
- Demonstrate ability to plan, schedule, and coordinate work, and able to maintain elevated levels of confidentiality and professionalism