The IT Risk and Compliance Analyst maps policy requirements and changes to develop and apply effective security processes. This position will be a member of the Risk Management Team and will be responsible for handling concerns in relation to risk, security, and policy compliance and will also be accountable to develop/update processes and procedures to alleviate concerns and gaps identified by the Risk Management team. Review and look for areas of improvement with both internal and third party hosted solutions regarding security procedures, monitoring, auditing and alerting. Engage in client security concerns and assist in responding to annual security questionnaires from customer base.
What Will You Do Here?
Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security.
Conduct vulnerability assessments and monitor systems, network, databases, and Web for potential system breaches.
Respond to alerts from information security tools.
Report, investigate and resolve security incidents.
Educate and communicate security requirements and procedures to all users and new employees.
Recommend and implement changes to enhance systems security and prevent unauthorized access.
Research security trends, new methods, and techniques used in unauthorized access of data in order to preemptively eliminate the possibility of system breach.
Ensure compliance with regulations and privacy laws.
May oversee internal or external systems security (i.e. cloud services).
Engage in client security questionnaires.
Act as liaison with Legal department and outside security consultants.
Engage in annual SOC1 report activities with the Confluence hosted services.
Leads department IT Policy & Risk Assessment process improvement projects.
Develop monthly metric reports.
What Skills Are We Looking For?
Bachelor’s degree in Information Technology or related field preferred.
Four to five years’ experience in risk management or information security disciplines with emphasis on risk mitigation and security processes.
International business and financial/investment services industry experience preferred.
Ability to communicate risk and compliance issues to multiple audiences, including technicians, business people and management.
Strong understanding of the impact of risk/compliance topics on business processes.
Must be able to work with minimal supervision in a high paced environment.
Understanding of IT environments that exist on premise, in offsite datacenters, and are MS Azure based.
Demonstrated ability to work in a global, multicultural environment where diplomacy, professionalism, and a passion for diversity are paramount.
Ability to analyze problems and identify resolutions at a strategic and functional level.
Able to develop and maintain positive working relationships with a wide audience, from technical staff to management, clients and coworkers.
Ability to deal professionally and courteously with internal and external contacts.
Team management skills.
Thorough understanding and demonstrated working knowledge of applicable laws and regulations.
Proficient with Microsoft Office Suite (e.g., Outlook, Word, Excel, PowerPoint).
Must possess exceptional organization skills.
Excellent verbal and written communications capabilities required.
Ability to multitask, strong attention to detail, self-motivated willingness to take initiative.
Who is Confluence?
Confluence is a global leader in software products and solutions.? We are proud of our collaborative and forward-thinking culture which provides challenging yet rewarding opportunities while fostering professional growth. We have even received awards for our agile software development process. Our team members constantly strive to think creatively and innovate, sometimes even resulting in positive disruption. If this sounds like a culture in which you would thrive, Confluence could be the place for you.