Prosum

Posted 125 months ago

Open

Risk Analyst

El Segundo, CA, United States (Remote)


About this role

Risk Analyst

DIRECTV is one of the world's leading providers of digital television entertainment services delivering a premium video experience through state-of-the-art technology, unmatched programming, and industry leading customer service to more than 32 million customers in the U.S. and Latin America.

The Compliance Assessor of IT Risk & Compliance Management performs Security Risk Assessments on DIRECTV’s 3rd party vendors.

An assessment would typically involve the following tasks:

• Communicating and interviewing vendors and internal business groups

• Obtaining and reviewing supporting documentation

• Performing on-site assessments (where necessary)

• Documenting vendor’s data security controls

• Summarizing the adequacy of security controls

• Outlining gaps & remediation steps

• Providing recommendations

• Capturing assessment results in centralized repository


Other responsibilities include:


• Assisting in the upkeep of governance, risk and compliance (GRC) software applications

• Interacting with team members and department/division personnel on other GRC related tasks

• Documenting data and process flows (e.g. data flow diagrams / swim-lane diagrams)

• Cataloging, tracking and reporting the status of other risk assessments and resolution actions

• Managing several GRC related tasks simultaneously without a great deal of direction or oversight

• Evaluating internal compliance to regulations such as PCI

• Proposing practical risk mitigations based on cost, benefit and risk


Qualifications

• Should have a minimum of 1-2 years of experience working with IT compliance and/or security audits

• Should have experience with Governance, Risk & Compliance Programs

• Should have an understanding of Payment Card Industry Data Security Standard (PCI DSS) and other compliance frameworks (e.g., ISO 27001)

• Should have experience related to vendor management audits and/or SAS70/SSAE16 type audits

• Should be able to effectively communicate complex topics with both technical and non-technical personnel

• Should have experience in reviewing Policies & Procedures and security controls

• Big 4 consulting experience is considered an advantage


Additional Information

Certifications (preferred, but not required):

• PCI Qualified Security Assessor (QSA) or Internal Security Assessor (ISA)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)


This opportunity is a Long Term Contract

