Sr. Information Risk Analyst

About ACA:

ACA Group is the leading governance, risk, and compliance (GRC) advisor in financial services. We empower our clients to reimagine GRC and protect and grow their business. Our innovative approach integrates consulting, managed services, and our ComplianceAlpha technology platform with the specialized expertise of former regulators and practitioners and our deep understanding of the global regulatory landscape.

Position Summary:

The individual in the role of Information Risk Analyst will be responsible for assisting in coordinating and managing the execution of the information security framework, policy and programs of ACA. This individual will work with ACA teams, various department managers, staff and vendors to assist with the development, execution and enforcement of information security standards that support ACA's robust security program.

Job Duties:

Guide development of (and ensure compliance with) corporate security policies, standards and procedures.

Manage the annual review cycle and sign off of policies, while proposing changes to existing policies and procedures to ensure operating efficiency and regulatory compliance.

Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements.

Recommend and coordinate the implementation of managerial and technical controls to support and enforce defined.

Manage the annual Information Security management program that includes Risk Assessments, Penetration tests, disaster recovery plan and employee communication tests.

Perform ad-hoc work/special projects as necessary to support ACA on various client and internal

Craft and communicate creative and practical solutions to problems and express those solutions in infrastructure as code Education, Experience and Skills

Required Education and Experience:

Bachelor's Degree in related field

Two years' professional hands-on in an Information Security role

Experience in Information Security Governance, Compliance, and Risk Management.

Experience evaluating threat / risk landscapes and establishing best practices for security operations, governance, compliance and audit.

Knowledge of industry security concepts / frameworks and regulatory standards such as ISO-27001, NIST, HIPAA, PCI DSS, and CIS frameworks.

Preferred Education and Experience:

Information Security Certifications (Comptia, ISC(2), ISACA)

AWS Security certification is a plus but not required

Required Skills and Attributes :

Demonstrated professional integrity

Dependable, flexible, and adaptable to new initiatives and ever-changing client needs

Ability to work well in a fast-paced environment and able to collaborate with multiple colleagues/groups to deliver exceptional customer service

Ability to exercise discretion and make independent judgments on matters of significance

Strong written and verbal communication, presentation, client service, and critical thinking skills

Ability to work independently, multi-task and prioritize effectively

Ability to establish and maintain effective working relationships with colleagues and clients

Highly motivated and goal oriented; pro-active in one's own education and career progression; volunteers for and shows initiative on both internal and external projects and tasks.

Dedicated to upholding ACA's high-quality standards and customer service focus

Strong organizational and problem-solving skills with attention to detail

What working at ACA offers:

We offer a competitive compensation package where you'll be rewarded based on your performance and recognized for the value you bring to our business. Our Total Rewards package includes medical coverage fully funded by ACA for employees and their family as well as access to Maternity & Fertility and Wellness programs. ACA also provides Personal Accident Insurance, Group Term Life Insurance, Employee Discount programs and Employee Resource Groups. You'll be granted time off for designated ACA Paid Holidays, Privilege Leave, Casual/Sick Leave, and other leaves of absence to support your physical, financial, and emotional well-being.

What we commit to:

ACA is firmly committed to a policy of nondiscrimination, which applies to recruiting, hiring, placement, promotions, training, discipline, terminations, layoffs, transfers, leaves of absence, compensation and all other terms and conditions of employment. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected status.