risk analyst Pennsylvania
AmerisourceBergen
Full Time
Pennsylvania
10.56 - 12.04 USD Today
Job description
Are you looking to make a difference in a patient’s life? At AmerisourceBergen, you will find an innovative and collaborative culture that is patient focused and dedicated to making a difference. As an organization, we are united in our responsibility to create healthier futures. Join us and Apply today!
What you will be doing
Individuals within the Information Security role plan, execute, and manage multi-faceted projects related to risk management, mitigation and response, compliance, control assurance, and user awareness. They are focused on developing and driving security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the organization. These individuals provide expertise and assistance to ensure the company’s infrastructure and information assets are protected.
IT Security Risk Analyst's develop security policies and procedures such as user log-on and authentication rules, security breach escalation procedures, security assessment procedures and use of firewalls and encryption routines. They perform security assessments and security attestations. To enforce security policies and procedures, they monitor data security profiles on all platforms by reviewing security violation reports and investigating security exceptions. They update, maintain and document security controls and provide direct support to the business and internal IT groups. These professionals work directly with the customers, third parties and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk. They also communicate and educate IT and the business about security policies and industry standards and provide solutions for enterprise/business security issues.
- Works on multiple projects as a team member and leads systems-related security components.
- Monitors compliance with security policies, standards, guidelines and procedures.
- Assists in the development of processes and procedures for the information security governance program, including control document reviews, participant assessment preparation, meeting coordination, assessment finding mediation, assisting control owner with remediation plan development, tracking findings through remediation, progress monitoring, reporting and escalation.
- Works with customers to identify security requirements using methods that may include risk and business impact assessments.
- Analyzes business processes and business requirements to determine conformance to security policies and procedures.
- Follows up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.
- Assists in the identification and resolves root causes of security-related problems.
- Works with teams to resolve issues that are uncovered by various internal and third-party monitoring tools.
- Collaborates on projects to ensure that security issues are addressed throughout the project life cycle.
- Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
- Assists in the delivery of security awareness and compliance training programs
- May guide users on the usage and administration of security tools that control and monitor information security.
- Performs related duties as assigned.
What your background should look like
Bachelor’s Degree in Computer Science, Information Systems or other related field, or equivalent work experience. Typically has three (3) to five (5) years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, database design and administration and one (1) - two (2) years of experience with IT security.
- Requires knowledge of security issues, techniques and implications across all existing computer platforms.
- Good analytical and problem-solving skills
- Self-starter mentality with a focus on continuous learning and professional career development
- Ability to communicate effectively both orally and in writing
- Good interpersonal skills
- Ability to work remotely and travel
- Ability to prioritize workload and consistently meet deadlines
- Strong organizational skills; attention to detail
- Demonstrated sound understanding of at least one (1) and general of an additional two (2) of the following standards such as ISO 27001/27002, COBIT, ITIL, NIST and PCI.
- Certification in at least 2 Information Security relevant areas such as Audit (CISA), Security Management (CISM), Security Professional (CISSP) and/or equivalent business experience in a matrix Organization required.
- Prior experience in a Risk Management role is highly desired
- Professional certification(s) in technical security areas desired.
What AmerisourceBergen offers
We offer a competitive total rewards package which includes benefits and compensation. Our commitment to our eligible population of team members includes benefit programs that are comprehensive, affordable, diverse, and designed to meet the needs of our team members’ and their families. Some of these programs include paid time off including paid parental leave, access to retirement savings vehicles, medical, dental, vision, and life insurance options, an employee stock purchase program, and other financial, health, and well-being focused benefits.
Because we take a balanced, global approach to our benefits, benefit offerings may vary by location, position, and/or business unit. Some benefits are company-paid, while others are available through team member contributions. For details visit
https://www.virtualfairhub.com/amerisourcebergen
.Schedule
Full timeAffiliated Companies
Affiliated Companies: AmerisourceBergen Services CorporationEqual Employment Opportunity
AmerisourceBergen is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.
The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.
AmerisourceBergen is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email . We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned
AmerisourceBergen
www.amerisourcebergen.com
Conshohocken, PA
Steve Collis
$10+ billion (USD)
10000+ Employees
Company - Public
Biotech & Pharmaceuticals
2001
