• Information Security (InfoSec) Risk Management…

    World Wide Technology (St. Louis, MO)


    _This is a full-time direct hire position. We are not able to offer visa sponsorship, 1099 status, or work with C2C for this role._

     

    Why WWT?

     

    At World Wide Technology, we work together to make a new world happen. Our important work benefits our clients and partners as much as it does our people and communities across the globe. WWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for All. We achieve this through our world-class culture, generous benefits and by delivering cutting-edge technology solutions for our clients.

     

    Founded in 1990, WWT is a global technology solutions provider leading the AI and Digital Revolution. WWT combines the power of strategy, execution and partnership to accelerate digital transformational outcomes for organizations around the globe. Through its Advanced Technology Center, a collaborative ecosystem of the world's most advanced hardware and software solutions, WWT helps clients and partners conceptualize, test and validate innovative technology solutions for the best business outcomes and then deploys them at scale through its global warehousing, distribution and integration capabilities.

     

    With over 12,000 employees across WWT and Softchoice and more than 60 locations around the world, WWT's culture, built on a set of core values and established leadership philosophies, has been recognized 14 years in a row by Fortune and Great Place to Work® for its unique blend of determination, innovation and creating a great place to work for all.

     

    Want to work with highly motivated individuals that come together to form a high-performance team? Come join WWT today! We are looking for an Analyst to join our team within Information Security (InfoSec): Governance, Risk, and Compliance (GRC).

    General Summary of Position:

    The Risk Management Analyst position is critical for protecting organizational assets by ensuring compliance with internal policies and standards, contractual agreements, and relevant legal, and regulatory requirements, and recommending improvements to strengthen the organization’s internal control structure.

     

    The Risk Management Analyst implements risk management policies, procedures, and frameworks in alignment with industry standards and best practices to identify, assess, and mitigate potential risks across the organization and serves as a consultant within InfoSec, other internal departments, and the procurement of products and services.

    Responsibilities (includes but is not limited to):

    + Perform scheduled and ongoing risk assessments and analyses on various business processes, projects, initiatives, and third parties, as applicable.

    + Identify and evaluate potential risks and their impact on the organization's objectives, performance, and reputation.

    + Coordinate and facilitate risk management activities across different departments and stakeholders.

    + Monitor and review risk indicators and metrics and report on risk exposure and performance.

    + Analyze and communicate risk trends, issues, and incidents and provide recommendations for resolution.

    + Collaborate with Security Operations and other teams to validate assessment findings and establish remediation plans, as well as facilitate remediation of vulnerabilities and other security findings

    + Assist with educating and providing awareness related to the risk management program to relevant stakeholders.

    + Ensure the rigorous application of InfoSec policies, standards, and procedures in the delivery of all WWT products and services.

    + Keep up to date on the latest security threats, laws, regulations, policies, and industry best practices.

    Knowledge (includes but is not limited to): 

    + General knowledge of risk management methodologies.

    + General knowledge of policy lifecycle processes.

    + General knowledge in information security best practices and frameworks, including (but not limited to) NIST Special Publications and Cyber Security Framework, CIS Controls, ISO/IEC 27000 series, and OWASP Top 10.

    + General knowledge of audit and compliance methodologies.

    + General knowledge of laws and regulations related to information security and relevant to the organization, such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).

    Skills (includes but is not limited to):

    + Demonstrate professional skepticism to ensure evidence is sufficient when assessing the relevant information security controls.

    + Communicate and present concisely and effectively based on the appropriate level of management and audience.

    + Manage competing deadlines and prioritize responsibilities to effectively meet business needs.

    + Work both independently and as part of a team at all levels and across departments.

    + Demonstrate an understanding of business processes, internal control risk management, IT controls, and how they interact together.

    + Demonstrate leadership and problem-solving skills.

    + Demonstrate proficiency in process formulation and improvement.

    + Demonstrate knowledge of legal requirements for the privacy of personal information from employees and customers.

    + Strong attention to detail in documenting policies, standards, and processes.

    Education and Experience Requirements:

    + Either a bachelor’s degree or 2 – 4 years of experience in the InfoSec field.

    + A Cyber Security, Information Assurance, InfoSec, or Information Technology degree is preferred.

    + Security certifications are preferred.

    + General knowledge of a wide breadth of information security areas. Deep technical knowledge is not required.

    + Excellent verbal and written communication skills. Able to communicate persuasively and influence others. Able to have difficult conversations with employees who do not follow policy. Able to explain technical information to customers, vendors, senior management, and staff. Able to apply knowledge and deductive reasoning.

    **Location:** St. Louis, MO

     

    Certain states and localities require employers to post a reasonable estimate of salary range. A reasonable estimate of the current base pay range for this position is $77,200.00 to $96,500.00 annually. Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that is not included in the base pay.

     

    The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:

     

    + **Health and Wellbeing:** Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program

    + **Financial Benefits:** Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement

    + **Paid Time Off:** PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement

    + **Additional Perks:** Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program

     

    We strive to create an environment where all employees are empowered to succeed based on their skills, performance, and dedication. Our goal is to cultivate a culture of belonging that encourages innovation, collaboration, and respect for all team members, ensuring that WWT remains a great place to work for All!

     

    _If you have any questions or concerns about this posting, please email_ [email protected]_ _._

    _\#LI-SSJ1_

    _\#LI-ONSITE_

    WWT will consider for employment, without regard to disability, a disabled applicant who satisfies the requisite skill, experience, education, and other job-related requirements of the job and is capable of performing the essential requirements of the job with or without reasonable accommodation. World Wide Technology is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity, national origin, age, disability, veteran status, genetic information, or other characteristics protected by law. We are committed to working with and providing reasonable accommodations to individuals with disabilities. If you have a disability and you believe you need a reasonable accommodation in order to search for a job opening or to submit an online application, please call 1-800-432-7008 and ask for Human Resources.