Information Risk Analyst (GRC Auditor)

Company: Verisk
Location: Jersey City
Posted on: June 20, 2022

Job Description:

Company DescriptionWe help the world see new possibilities and inspire change for better tomorrows. Our analytic solutions bridge content, data, and analytics to help business, people, and society become stronger, more resilient, and sustainable.Job DescriptionCome join our growing team of second line defense as we help ensure the security of our great organization.

• Perform risk assessments to identify and document risks faced by the organization
• Advise on implementation of risk and security controls, including technical countermeasures, to proactively reduce risk exposure
• Operate IT SOX Controls for daily and weekly monitoring, as well as performing quarterly access reviews
• Assist in implementing the enterprise-wide risk framework
• Completes all responsibilities as outlined on annual Performance Plan.
• Completes all special projects and other duties as assigned.
• Must be able to perform duties with or without reasonable accommodation.Qualifications
  • Bachelor's degree in a related field (Business, Computer Science/Engineering, etc.)
  • Certification such as CISSP, CRISC, CISM, CISA, or other related to the fields of information risk or information security
  • Minimum of three (3) to five (5) years of information risk or information security experience in either the Big 4, a financial or healthcare institution, or vendor supporting such institution
  • Prior experience performing risk assessments for cloud and on-premise data centers, using Factor Analysis of Information Risk (FAIR) or Value at Risk (VAR) methodologies
  • Prior experience designing, operating or assessing IT controls for cloud and on-premise data centers (e.g., Internal Audit, SOX audit, SSAE 18 SOC2 Type 2 reports, ISO2700X certifications, etc.)
  • Prior experience working with enterprise governance, risk and compliance (GRC) solutions would be a benefit
  • Knowledge of cloud security and on-premise data center security solutions
  • Knowledge and understanding of information risk/security principles and related industry standards, including: NIST, PCI, ISO 27001, HIPAA/HITECH and OWASP
  • Must have a proven track record of excellent research, analytical skills and process efficiency mindset
  • Outstanding interpersonal and communication skills
  • Cross-team functionality essential to understand business needs for existing clients and new vendorsAdditional InformationAt the heart of what we do is help clients manage risk. Verisk (Nasdaq: VRSK) provides data and insights to our customers in insurance, energy and the financial services markets so they can make faster and more informed decisions.---Our global team uses AI, machine learning, automation, and other emerging technologies to collect and analyze billions of records. We provide advanced decision-support to prevent credit, lending, and cyber risks. In addition, we monitor and advise companies on complex global matters such as climate change, catastrophes, and geopolitical issues.But why we do our work is what sets us apart. It stems from a commitment to making the world better, safer and stronger.It's the reason Verisk is part of the UN Global Compact sustainability initiative. It's why we made a commitment to balancing 100 percent of our carbon emissions. It's the aim of our "returnship" program for experienced professionals rejoining the workforce after time away. And, it's what drives our annual Innovation Day, where we identify our next first-to-market innovations to solve our customers' problems.---At its core, Verisk uses data to minimize risk and maximize value. But far bigger, is why we do what we do.At Verisk you can build an exciting career with meaningful work; create positive and lasting impact on business; and find the support, coaching, and training you need to advance your career.---We have received the Great Place to Work - Certification for the fifth consecutive year. We've been recognized by Forbes as a World's Best Employer and a Best Employer for Women, testaments to our culture of engagement and the value we place on an inclusive and diverse workforce. Verisk's Statement on Racial Equity and Diversity supports our commitment to these values and affecting positive and lasting change in the communities where we live and work.Verisk Analytics is an equal opportunity employer.All members of the Verisk Analytics family of companies are equal opportunity employers. We consider all qualified applicants for employment without regard to race, religion, color, national origin, citizenship, sex, gender identity and/or expression, sexual orientation, veteran's status, age or disability.http://www.verisk.com/careers.htmlUnsolicited resumes sent to Verisk, including unsolicited resumes sent to a Verisk business mailing address, fax machine or email address, or directly to Verisk employees, will be considered Verisk property. Verisk will NOT pay a fee for any placement resulting from the receipt of an unsolicited resume.Consumer Privacy NoticeAt Verisk, the health and safety of our people is our number one priority. Effective November 15, 2021, and subject to applicable law, all prospective hires for office based roles or roles that support any of our businesses' government contracts will be required to demonstrate that they are fully vaccinated against COVID-19 by their start date, or qualify for a legally-required medical or religious accommodation to this vaccination requirement, as a condition of employment. Hired candidates who do not demonstrate that they are fully vaccinated against COVID-19 by their start date, and who have not been approved for a legally-required medical or religious accommodation will no longer meet the requirements for employment and their offers of employment will be immediately rescinded, in accordance with applicable law.

Keywords: Verisk, Jersey City , Information Risk Analyst (GRC Auditor), Accounting, Auditing , Jersey City, New Jersey