Data Security Risk Analyst/Auditor
Chicago, IL, US, 60601
Full Time Entry-level / Junior USD 67K - 78K
- Remote-first
- Website
- @JJKeller 𝕏
- Search
J. J. Keller & Associates, Inc.
J. J. Keller is the trusted source for DOT Transportation, OSHA Workplace Safety, Construction and Human Resources (HR) products and services. Our regulatory experts have years of experience helping companies meet their safety and compliance... Requisition #: 19597
Functional Area: Audit/Risk/Compliance
Employment Type: Full-Time
Work Options: Remote / Work from Home in the US #LI-Remote
Work Hours: Standard business hours
Position Summary
The Data Security Risk Analyst / Auditor position is responsible for assisting the Sr. Data Security Manager with evaluating conformance to data security standards and enforcing corporate data security and privacy controls. This position is part of the Risk & Compliance team, segregated from business units such as IT and others which control Company services in order to maintain objectivity in its audit oversight role.
The Risk & Compliance department provides support in the areas of Enterprise Risk Management, Data Security Compliance, Intellectual Property Protection, Contract/Legal Review and Records & Forms Management.
This position is able to work 100% remote, onsite at our corporate headquarters in Neenah, WI, or in a hybrid capacity.
Job Responsibilities
- Responds to customer written and verbal requests for detailed information about J. J. Keller’s security and privacy strategy and implementation.
- Analyzes reports of security incidents and prepares tactical and strategic actions required to respond; assists with analysis of incident to determine root cause.
- Evaluates suitability of security measures and controls to protect organizational data from unauthorized access, disclosure, modification or destruction; recommends improvements.
- Conducts internal audits of administrative and technical controls to assess compliance with data security and privacy policies, procedures, standards, and/or regulations. Completes audit documentation.
- Provides consulting to business units on interpretation of audit results, adequacy of proposed remediation of control gaps, and recommendations for overcoming shortfalls.
- Assists in updating the information security management system risk model to manage cyber risks associated with business activities and technical implementations.
- Collaborates with IT Infrastructure team on monitoring security services provided by outside vendors (IDS/IPS/SIEM, reviews of developed code, vulnerability scanning, and annual penetration test).
- Assesses data security and privacy practices of new company vendors; regularly reviews practices of existing vendors to ensure company requirements are being met.
- Advises Contracts team on data security and privacy language included in proposed customer and vendor contracts.
- Keeps up-to-date with changing trends in customer requirements, technology, security, and compliance, along with knowledge of Company services, the infrastructure on which they run, and the hardware and software supported. Advises company leadership on emerging trends and potential impact on the company.
- Administers the AuditBoard auditing system for Risk & Compliance and other company users; performs system configuration, user training, and consultation.
- Carries out responsibilities in a fair, ethical and non-discriminatory manner.
Qualifications
Experience:
- Experience working with information security or auditing.
- Experience with risk assessment.
- Experience with investigating data security incidences and asking probing questions.
Education:
- Bachelor’s Degree in Business or Technology related field with a focus on information security.
- Desired Certifications: CISSP, CISA, CIA, CRISC, CISM, GIAC, or CEH.
Other Skills/Qualifications:
- Knowledge of information security technology, disaster recovery and business continuity planning, cloud technologies, firewalls, intrusion detection systems, data loss protection, identity and access management, anti-malware, and SIEM technologies.
- Knowledge of one or more of the following: NIST Cybersecurity Standard and ISO 27001:2022; 18 CIS Critical Security Controls; privacy laws including GDPR, CCPA and US States.
- Must be effective in working across organizational boundaries to build a case for change and work with others to execute the change.
- Enhanced organizational and prioritization skills.
- Ability to work independently and meet deadlines.
- High attention to detail and strong analytical skills.
Benefits
- Medical / Dental / Vision Insurance
- Annual Reviews, Merit Increases + Quarterly Bonus Program
- 401(k) with Employer Match
- Annual Profit Sharing
- 17 PTO Days + 8 Paid Company Holidays + 1 Paid Floating Holiday
- Work/Life Balance & Flex Time
- Annual Learning & Development Subscriptions
- Free Onsite Wellness Clinic for those associates near our corporate office + free telehealth coverage for all associates regardless of where you live
- Free access to FLEX by Fitness on Demand providing 24/7 access to online workout videos
- Strong company culture that fosters internal growth and development
- Computer Equipment Provided for Home Office
We Protect People & The Businesses They Run™
Every associate at J. J. Keller makes a difference by creating safer, more respectful workplaces. Whether serving our customers directly with expertise in safety and regulatory compliance or supporting the business with specialized skills, together we contribute to better workplaces for people across North America.
J. J. Keller History: November 1, 2023, marked 70 years of business for J. J. Keller & Associates, Inc. Click HERE to take a tour through three generations of this family-owned business – from our founding as a one-man consulting firm through decades of delivering on our purpose of protecting people and the businesses they run.
J. J. Keller Career Stories: Click HERE to hear from our associates about what they have to say about life as an associate at J. J. Keller.
J. J. Keller Earns 7th Great Place to Work Certification™: Click HERE to find out what makes J. J. Keller great.
J. J. Keller Certified as a Top 100 Most Loved Workplace® in America: Click HERE to find out why our associates LOVE working at J. J. Keller.
2023 Top Company for Women to Work for in Transportation: Click HERE to learn more about this prestigious recognition.
J. J. Keller provides a competitive benefit package which includes the following (eligibility requirements apply): Medical, Dental, and Vision Insurance, 401(k) and Profit Sharing Plan, etc. The compensation range for this role is $67,000.00 to $78,000.00 which varies depending on factors including, but not limited to, a candidate’s overall experience and geographic location. Note that J. J. Keller is not currently recruiting employees to work in California.
If you experience system-related issues or need assistance with the online application, please call (920) 720-7700.
Professional Referral Program: Not the right role for you, but know someone who could be a great fit? Click HERE to refer them to us through our Professional Referral Program and you will earn a cash payment if your referral is hired.
J. J. Keller & Associates, Inc. is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.
Tags: Audits CCPA CEH CIA CISA CISM CISSP Cloud Compliance CRISC Firewalls GDPR GIAC IAM IDS Intrusion detection IPS ISO 27001 IT infrastructure Malware Monitoring NIST Privacy Risk assessment Risk management SIEM Strategy
Perks/benefits: 401(k) matching Career development Competitive pay Gear Health care Insurance Salary bonus Startup environment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.