Overview
Risk and Security Analyst – level III Jobs in Irvine, California, USA at Capital Group
Title: Risk and Security Analyst – level III
Company: Capital Group
Location: Irvine, California, USA
Type: Full Time
Category: IT/Tech, Security
“I can succeed as a Technology Risk and Security Analyst at Capital Group.”
The Technology Risk organization is responsible for the implementation of an effective Technology and Security risk management framework that partners with various lines of defense and stakeholders in the organization. The role is a strategic role within the Chief Information Security Officer (CISO) organization to drive the achievement of our strategic plan for risk management.
This role presents significant intellectual and
technical challenges
with tremendous opportunity for business impact. Leveraging new and emerging technologies is key to Capital Group realizing its long-term strategic objectives and identifying the risks these new technologies present to Capital Group and finding ways to adequately eliminate or mitigate these risks will be both
challenging
and immensely rewarding. A key part of the role will be collaborating with other internal risk functions to support evaluations of the effectiveness of Capital’s technology policy and controls infrastructure, as well as providing external auditors and regulatory examiners with the materials necessary to conduct their work.
As a Technology Risk and Security Analyst, you will be responsible for contributing to the overall work efforts that identify, assess, track remediation efforts, and manage technology related risks across Capital Group. You will be a key member of the Technology Risk Team, and you will serve as an adviser to business areas on their security and technology risks.
Responsibilities:
Governance, Risk and Control Assessments
Support oversight of the following risk and control capabilities:
IT and security policies, standards, and procedures management
Threat identification andrisk assessment
Metrics and reporting
Testing and external assurance oversight
Remediation management
Support first and second line of defense risk functions and relevant governance committees and other stakeholders as appropriate to develop the technology risk management agenda.
Support the design and implementation of best practices and technology risk management frameworks across the Information Technology Group (ITG).
Help establish and contribute to the application of Technology risk policies, and governance processes to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, and emerging risks.
Assess’ risks and drive actions to address the root causes that persistently lead to operational/technology risks losses bychallengingboth historical and proposed practices.
Review control exception requests and ensure risk mitigation or acceptance strategies are appropriate with input from your manager.
Provide advisory services to technology and business teams on technology risk and control matters pertaining to projects on firm initiatives and projects.
Enable the creation of and distribution of actionable risk metrics and reports.
Facilitatecollaborationfor risk analysis, remediation scoping and prioritization, reporting and engagement with stakeholders to enable oversight and effective risk decision making.
Support the design and implement the collection and reporting of key risk and control metrics.
Support the technology risk governance committee as well as other risk committees in the organization to establish a shared view of risk.
Monitor for emerging risks; recom…
