Information Security Policy, Risk & Compliance Analyst
Minneapolis, Minnesota  |  Hybrid, Onsite
Direct Hire Position
Job Id #48042 Posted June 1, 2021


Responsibilities:
• Partner with business and technology teams to execute information security and compliance responsibilities as defined via a NIST-based information security program.
• Provide guidance and expertise to effectively categorize information and information systems to ensure impact levels for the security objectives of Confidentiality, Integrity, and Availability are aligned appropriately.
• Support development and implementation of system security plans including selection of controls and development of related artifacts, control procedures or related specification documents.
• Perform and/or facilitate assessment activities to validate security controls are implemented correctly, operating as intended, and producing the desired outcomes.
• Execute against continuous monitoring and continuous assurance activities including monitoring for changes to the system, performing periodic assessments of security controls, tracking control remediation actions, updating system security documentation, reporting status of security activities and facilitating ongoing risk determination and acceptance.
• Conduct research and analysis on security topics and produce written reports for management. Provide input to process activities and related documentation (e.g. system lifecycle support plans, operational procedures, training materials, etc.).
• Coordinate security POAM and exception request and approval processes. Conduct analysis and prepare reports for leadership and key governance groups. Monitor non-compliance and provide recommendations for process improvements or control enhancements where required.
• Collaborate with business and technology teams on projects and key initiatives to ensure that security requirements are addressed throughout the project life cycle. Provide education to staff on applicable policies, procedures, and standards.
• Provide information security consulting to business service owners and application development teams, providing information security expertise and solution recommendations where possible.
• Provide support for security governance activities, including managing communication about security control frameworks, policies and standards.
• Identify, assess, track and report on security risks across the enterprise. Track risk decisions and remediation plans. Work closely with Enterprise Risk to communicate risks to both technical and non-technical audiences.
• Monitor and verify compliance with new and existing policies, procedures and standards.

Qualifications:
• Bachelor's degree or equivalent combination of education and experience.
• Minimum of 6 years of experience monitoring, administering, developing or assessing security controls or security systems (8 years for level III; 10 years for level IV).
• Consistently demonstrates good judgment and a sense of urgency. Demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity.
• An understanding of organizational mission, values, goals and consistent application of this knowledge, including commitment to delivering high-quality, prompt and efficient service to the business.
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
• Ability to identify and assess the severity and potential impact of risks, communicate findings to business stakeholders, and effectively influence others towards fact-based decisions about compliance and risk management activities.
• Experience related to IT compliance and risk management, corporate governance, information security, business continuity, or access management.
• Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part.
• An ability to work on several tasks simultaneously and prioritize work effectively.
• Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
• Deep knowledge of NIST security management frameworks including 800-53 and Cybersecurity Framework is preferred.

 

Horizontal is proud to be an Equal Opportunity and Affirmative Action Employer. We seek to provide employment opportunities to talented, qualified candidates regardless of race, color, sex/gender including gender identity and/or expression, national origin, religion, sexual orientation, disability, marital status, citizen status, veteran status, or any other protected classification under federal, state or local law.

In addition, Horizontal will provide reasonable accommodations for qualified individuals with disabilities. If you need to request a reasonable accommodation in order to complete the application or interview process, please contact hr@horizontal.com.

All applicants applying must be legally authorized to work in the country of employment.

Horizontal is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.
