Risk Assessment Analyst II (Guadalajara)

If you’re passionate about building a better future for individuals, communities, and our country—and you’re committed to working hard to play your part in building that future—consider WGU as the next step in your career.

Driven by a mission to expand access to higher education through online, competency-based degree programs, WGU is also committed to being a great place to work for a diverse workforce of student-focused professionals. The university has pioneered a new way to learn in the 21st century, one that has received praise from academic, industry, government, and media leaders. Whatever your role, working for WGU gives you a part to play in helping students graduate, creating a better tomorrow for themselves and their families.

Essential Functions and Responsibilities:

• Function as a lead analyst in one or more efforts to assist with risk analysis, third-party risk, exception to policy analysis and other security efforts.
• Recommend and support the creation of tools, processes, and communications that support information security initiatives. Participate in the development of security policies, standards and procedures.
• Develop and apply standards and procedures regarding security tools.
• Participate in tactical projects as they arise to clarify and respond to identified security risks across different technical domains.
• Conduct security risk assessments related to internal systems, projects, third-parties, suppliers, etc. based on industry accepted best practices; including, but not limited to NIST and similar frameworks.
• Conduct Open-Source Intelligence (OSINT) research on third-parties, suppliers, and applications with regards to the security profile of the Target of Evaluation (ToE) .
• Review Exception to Policy requests.
• Work with engineers, architects, and other security professionals to understand risk of a system, project, third-party, supplier, or application and recommend security controls to mitigate known risks.
• Work with IT and business unit management to assure third-parties, applications, and suppliers are aligned with the university’s security requirements.
• Provide guidance and assistance to operational teams and third-parties to remediate security deficiencies identified in risk assessments.
• Knowledge of NIST, ISO, and PCI-DSS standards as well as FERPA, GLBA, GDPR, HIPAA, FTC regulations. Contribute to developing assessment plans building on the methodologies promoted by these standards and regulations to quantify risk.
• Measure, collect, and report on key information security services and risk indicators.
• Identify process gaps; recommend and support process improvement.
• Act as an advocate for Information Security to help the business understand information security risks, standards, and best practices as they relate to third parties and products.
• Ability to identify internal and external trends to identify risks.
• Ability to articulate risk to management.

What you'll need or Minimum qualification:

• Bachelor’s Degree in related field and 2 years of relevant work experience or 4-5 years minimum of Information Security experience.
• Experience with security industry standards and best practices. Proven experience with interpretation and implementation of those standards in a corporate environment.
• Experience recommending additional security requirements and safeguards.
• Experience with cyber-security and privacy principles and controls used to manage risks related to the use, processing, storage, and transmission of information or data.
• Knowledge of risk management best practices and frameworks.
• Strong analytical and problem-solving skills.
• Good written and oral communication skills.
• Solution-driven approach to problems.
• Detail oriented and result driven.

Nice to have:

· Industry certification (e.g., CISSP, CISM, CRISC, CISA).

Location: Guadalajara

As an equal opportunity employer, we recognize our strength lies in our people and commit to creating an inclusive environment where all can thrive, regardless of race, age, gender orientation, sexual orientation, religion, or disability.

Learn more about our WGU Mexico Team by clicking here.

#LI-OM1

Learn more about our WGU Mexico Team by clicking here.