Cyber Risk Management Analyst
- Employer
- Allstate Insurance Company
- Location
- Charlotte, North Carolina
- Salary
- Not Specified
- Closing date
- Sep 25, 2019
View more
- Category
- IT , Risk Management
- Job Type
- Not Specified
- Career Level
- Not Specified
Job Details
Where good people build rewarding careers.
Think that working in the insurance field can’t be exciting, rewarding and challenging? Think again. You’ll help us reinvent protection and retirement to improve customers’ lives. We’ll help you make an impact with our training and mentoring offerings. Here, you’ll have the opportunity to expand and apply your skills in ways you never thought possible. And you’ll have fun doing it. Join a company of individuals with hopes, plans and passions, all using and developing our talents for good, at work and in life.
Job Family Summary
Through its breadth of knowledge and understanding of information technology industry trends and emerging technologies, Security Governance protects Allstate assets and information. Security Governance manages the data protection strategies for the company. This is accomplished through the development, implementation and administration of programs that help address compliance requirements to state, federal and industry standards, while protecting their stakeholders and related information.
Job Description
**In addition to Charlotte, NC, we are open to candidates in the Dallas/Fort Worth, TX and Phoenix, AZ markets to work in our offices in those locations.**
This position is for a Cyber Risk Management Analyst in the Allstate Technology & Strategic Ventures (ATSV) Information Security department. The Cyber Risk Management Analyst will be responsible for supporting the company’s efforts to track, govern, report on, and reduce information security risks. This individual will be a key contributor managing operational activities to reduce risk to our company in close consultation with other Information Security, ATSV and business partners. This person will be a point of contact for risk remediation issues and will also manage inquiries from audit, adhoc information requests, and collaborate with cross functional teams that act as inputs to and consumers of risk remediation data. The analyst will have an understanding of information security best practices, risk assessment methodologies, and working across multi-functional teams.
Key Responsibilities
- Ensure the strategic alignment of information security with business strategy to support organizational objectives.
- Identify and support measures to manage and mitigate risks and reduce potential impacts on information resources to a level acceptable to the senior management of the company.
- Ensure changes in company processes, standards and technology meet security controls and compliance requirements.
- Partner with all areas of the business, IT and business partners on risk remediation related projects.
- Understand business and client requirements and work with the business areas to define appropriate security actions and activities while meeting the business need.
- Promote and consult on the positions that help strengthen and secure the organization by either following standards or helping direct others on technology positions.
- Acts as a Change Catalyst for a risk based approach to delivery of services and systems.
- Drive discussions and provide guidance & support in managing and reducing risk remediation efforts across business functional areas.
- Participate in risk remediation discussions and updates to compliance policy and standards.
- Improve KPIs, metrics, and trending for the risk management and remediation function.
- Monitor, track, document and report on risk remediation activities.
- Respond to and assist with audits, assessments and compliance requests.
- Act as a subject matter expert for the organization's risk remediation processes and efforts.
- Provide influence and support to peers across risk remediation team to successfully deliver on business commitments.
- Initiates and implements continuous improvements in all areas of IT responsibility.
- Assessing risk using a standard methodology and consulting with subject matter experts to build risk remediation and risk reduction plans.
- Meet SLAs for processing cyber risk submissions according to quality control baselines and clearly reports risks and risk trends.
Job Qualifications
- 3 years of IT experience, 1 of which are in a Security domain.
- Demonstrated ability to lead discussions and participate in cross functional teams, including offsite, remote and offshore resources.
- Effective written, verbal communication skills. Ability to tailor communication style to audience at hand.
- Ability to effectively communicate with technical and non-technical resources.
- Strong organizational skills.
- Self-directed, works with minimal guidance, and recognizes when guidance needed.
- Proficient in MS Office Suite (Word, Excel, Project, PowerPoint, Visio).
- Demonstrated ability to stay abreast securing evolving technology such as cloud and mobile computing.
- Experience evaluating and securing payment processing technology.
- Knowledge of PCI DSS, HIPAA, ISO, NIST, and IT Controls.
- Strong understanding of IT security best practices.
- Knowledge of ArcherGRC, RiskLens, and SkyHigh ShadowIT tools a plus.
Good Work. Good Life. Good Hands®.
As a Fortune 100 company and industry leader, we provide a competitive salary – but that’s just the beginning. Our Total Rewards package also offers benefits like tuition assistance, medical and dental insurance, as well as a robust pension and 401(k). Plus, you’ll have access to a wide variety of programs to help you balance your work and personal life -- including a generous paid time off policy.
Allstate generally does not sponsor individuals for employment-based visas for this position.
Effective July 1, 2014, under Indiana House Enrolled Act (HEA) 1242, it is against public policy of the State of Indiana and a discriminatory practice for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard or a member of a reserve component.
For jobs in Los Angeles, please click "here" for information regarding the Los Angeles Fair Chance Initiative for Hiring Ordinance.
It is the policy of Allstate to employ the best qualified individuals available for all jobs without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity/gender expression, disability, and citizenship status as a veteran with a disability or veteran of the Vietnam Era.
Company
- Website
- https://www.allstate.com/
Get job alerts
Create a job alert and receive personalized job recommendations straight to your inbox.
Create alert