Information Risk and Compliance Analyst, Miami, FL (Estimated Salary $60,000 - $80,000) #UCF

May 10, 2019 | News/Articles

The Information Risk and Compliance Analyst will be responsible for assuring information security and managing risks related to the use, processing, transmission and storage of information and the systems and processes used for those purposes. The Analyst's role lies within the Chief Information Security Officer's organizational structure, reporting to the Manager of Information Security Governance, Risk and Compliance. The Analyst will be a key member contributing to the development and maintenance of information security policies, focusing on assessing and prioritizing risk across the organization, compliance with information security policies, and the development and reporting of information security metrics. The Analyst will perform risk assessments and control gap analysis against Information Security Policies and Risk Management Standards. The Information Risk and Compliance Analyst will create, organize and articulate summarized risk findings that are clear and actionable by business stakeholders, reduce risk by helping to prioritize and drive remediation efforts throughout the organization, and contribute to risk management, treatment, and reporting process efforts to protect data assets. The Analyst's role will help prepare for and facilitate assessments and examinations by qualified security assessors. The Analyst will perform third-party supplier security assessments, as well as facilitate and coordinate responses for customer due diligence questionnaires.

  • Knowledge of Common Controls Hub - Unified Compliance Framework (UCF) (intermediate level) preferred


  • Bachelor's degree in Information Security, Information Technology, or Management Information Systems
  • Master's degree in Information Security, Information Technology, or Management Information Systems preferred
  • Three years or more experience with risk assessments and compliance of major regulatory initiatives (e.g. SOX, PCI-DSS, HIPAA, FedRAMP)
  • Three years or more experience with cyber security and information security program management and frameworks (e.g. NIST CSF, ISO/IEC 27000, etc.)

For More Info, Go To