Information Security Risk Assessor

Calsoft Labs
Culvercity, CA
08 Feb 2025

Vacancy expired!

We have

W2

Contract Position as an

Information Security Risk Assessor role with one of our

direct clients in

Culver City, CA

Location: Culver City, CA (Onsite)

Job Description: The team is responsible for conducting risk assessments and applications. This includes identifying the risks, reporting, communicating/consulting with stakeholders, and managing the action plan determined. Need to have hands on experience leading risk assessments (not someone who has just been part of a risk assessment team). 3+ years in information security and 1+ years in risk assessment. Assessing cloud applications and IT admin experience can be useful for this role.

DescriptionAs a Risk Assessor, you are responsible for performing end-to-end security risk assessments. Due to the diversity of our businesses, you will get an opportunity to risk assess a broad spectrum of targets such as applications, technical environments, third parties, and workflows to help secure information assets. The Risk Assessor Role reports to the Director of Information Security Risk.As a Risk Assessor, you are the key contributor to helping Executives for all business lines have visibility in the information security risks their businesses face. The business leaders rely on you to provide guidance on how to address the risks as well as validate that the risks are addressed to an acceptable level and as a result, is more secure.As a Risk Assessor, you are the key contributor to helping Executives for all business lines have visibility in the information security risks their businesses face. The business leaders rely on you to provide guidance on how to address the risks and validate that the risks are addressed to an acceptable level and as a result, is more secure.

What You Will Do:
  • Conduct comprehensive end-to-end information security risk assessments to identify, assess, and measure information security risks for systems, applications, facilities, technical environments, networks, projects, workflows, and third parties impacting IT and business initiatives globally across Sony Pictures and subsidiaries
  • Review new applications, emerging technologies and services and provide guidance to business stakeholders on the risk of reviewed targets
  • Prepare risk assessment reports that drive management decision-making to address identified risks by risk reduction, acceptance, avoidance, and transfer
  • Provide thoughtful and insightful advice to remediation owners in the formulation of risk treatment plans and ensure the risk treatment plans are in place and adhered to
  • Present risks to executive management
  • Manage relationships with security, technology, and business stakeholders and lead meetings to communicate information security risks and drive risk decisions from risk owners by providing multiple mitigation approaches.
  • Contribute to and support continuing improvements and efficiencies in the risk program
  • Leverage the ServiceNow GRC platform in carrying out risk activities (Risk assessment, remediation, etc.)
  • Support vendor onboarding as needed by reviewing information security terms in third-party contracts
  • Perform Business Impact Assessments to identify critical third parties and applications
  • ID: #49086690
  • State: California Culvercity 90230 Culvercity USA
  • City: Culvercity
  • Salary: $60 - $70
  • Job type: Contract
  • Showed: 2023-02-08
  • Deadline: 2023-04-04
  • Category: Et cetera