Compliance & Risk Analyst

Join a global compliance team for one of Boston's leading Asset Management Firms. This role will report to the Manager of IT Security and is part of the IT Production Control & Risk Management group. The IT Security Risk Analyst is a member of the IT Security Risk & Audit team, and has project, audit, reporting, and documentation responsibilities. The individual also assists with staff action processing and security incident management, as well as day-to-day security support and operational tasks.

Primary Responsibilities :

• Participates in IT security project management
• Generates and analyzes application, SQL, file system access audit documentation
• Performs access analysis for staff actions (onboarding / transfers / terminations)
• Assists in data classification & protection projects
• Manages email security functions
• Participates in weekly meetings with other internal risk management teams
• Supports the definition and implementation of security policies & procedures
• Maintains documentation for processes and procedures
• Identifies and supports quality improvement initiatives
• Assists in performing product evaluations in support of data security initiatives
• Performs IT security risk assessments of both new and existing in house and vendor based systems
• Contributes to company standards and policies related to IT security risks
• Maintains broad knowledge of best practices and trends in the field of Information Security
• Supports vulnerability management processes
• Assists in the adoption of new tools, processes and policies to enhance the firm's security posture
• Performs various duties around the formation, delivery and maintenance of the firm's Information Security Awareness and Communication Program
• Provides after-hours coverage for Security Events and Incident Response
• Provides technical security support to Business Areas and IT staff on products, projects, applications and services as required
• Participates and lead incidents as part of the Information Security Incident Response Team (ISIRT)
• Participates in Information Security meetings and activities as required
• Performs any and all other assigned Information Security Program tasks and functions
• Provides cross functional support for RFP generation by defining the security and compliance responses to appropriately address customer needs and leveraging the expertise of others to support
• Assists in workflow enhancement for various supporting processes

Required Skills :

#LI-MG1