Senior Analyst, Information Security *LI
The Advisory Board Company
Keywords: security governance, risk management, gap analysis, business continuity planning, disaster recovery
The Role in Brief:
The Senior Analyst, Information Security will have a number of IT governance, risk and compliance management duties. The Senior Analyst will be responsible for conducting risk assessments that target internal Advisory Board initiatives as well as critical third party/vendor relationships. The Information Security Analyst will also support managing an Enterprise Governance, Risk, and Compliance (eGRC) platform, contribute to business continuity management and planning activities, conduct information security audits, and support reporting of key risk indicators and metrics across the enterprise.
What You'll Be Doing:
- Perform IT risk assessments of internal initiatives and critical third party/vendor relationships against criteria descending from industry standard information security frameworks and industry regulations, such as ISO/IEC 27001:2013, NIST SP 800-53, HIPAA, FERPA, SOX, and PCI-DSS 3.0
- Support engineering and maintenance of an eGRC platform to support the risk management and security operations functions
- Assist in the development of risk treatment plans to address areas of strategic and tactical IT and information risks in both business operations and technology paradigms
- Assist with development and maintenance of information security policies and standards
- Support development and maintenance of an information security compliance and metrics program for consistent management reporting of risks to sensitive information and technology resources across the enterprise
- Education: Bachelor’s degree in Computer Science or equivalent professional experience
- 5+ years of professional experience
- 3+ years of demonstrated experience performing IT risk assessments, IT auditing, and business continuity planning
- Knowledge of information security and IT risk management concepts and practices including frameworks and regulatory regimes
- Ability to work in a fast-paced business environment with global, geographically-distributed teams
- Professional experience in conducting IT or operational risk assessments or IT auditing
- Knowledge of eGRC platforms to facilitate development of information asset inventories, risk and compliance assessments, risk metrics collection, and risk reporting
- Experience with enterprise business continuity planning and testing activities
- Experience developing information security policy, training content, and supporting materials
- Experience delivering information security policy training to technical and non-technical audiences
- CISSP, CISA, CISM, or other information security or IT auditing certifications
About The Advisory Board Company:
The Advisory Board Company (NASDAQ: ABCO) is a global technology, research and consulting firm partnering with 238,000 leaders in 4,200+ organizations across health care and higher education. We combine the expertise of our 3,000+ employees around the world to find solutions to the most pressing challenges in health care. Our performance technology products offer user-friendly, Web-enabled dashboard platforms with tremendous analytic capabilities that generate more than $700 million in realized value annually for our members. These solutions focus on strategically important areas, including physician alignment, revenue cycle, accountable care, and surgical profitability. We thrive on innovation and the knowledge that we are creating real change in an industry that matters to everyone.
We are a workplace that…
Values and celebrates diversity of experience, culture, and opinion
Is committed to creating an inclusive environment to enhance our collective experience
Promotes a supportive community through staff-led affinity groups, event and education
Our Culture & Values:
We think Forbes said it best: “Making the world a better place is what The Advisory Board Company is all about.” We have a unique culture where employees are told to avoid after work emails, encouraged to take 10 hours per month of paid leave for community service, and are asked to add surplus value in every interaction with a member or colleague.
Over the past thirty years, we have developed a distinctive corporate culture based our values and principles. Eavesdrop on a conversation among Advisory Board teammates--or a performance review, or a planning session – and you're likely to hear phrases such as "running toward criticism" and "the power of language" used with sincerity and even passion. We function on a meritocracy – we award, promote, and praise based on individual performance, capabilities, and ambition. We provide ways for staff to share their time, talent, and passions in the community. We reward innovation and foster a collaborative environment. We have a high bar for talent, a performance-driven staff, and peers that constantly challenge one another in the workplace. And we want free-thinkers, agile speakers, witty writers, and team players to join the firm – and make an impact in industries that matter to everyone.
Consistent with our belief that our employees are our most valuable resource, The Advisory Board Company offers a competitive benefits package.
- Medical, dental, and vision insurance, dependents eligible
- 401(k) retirement plan with company match
- 20+ days paid time off and 14+ paid company holidays
- Daytime leave policy for community service or fitness activities (up to 10 hours a month each)
- Wellness programs including gym discounts and incentives to promote healthy living
- Dynamic growth opportunities with merit-based promotion philosophy
- Benefits kick in day one, see the full details here
Learn About Us
Connect With Us
The Advisory Board Company is an Affirmative Action and Equal Opportunity Employer. EOE AA M/F/Vet/Disability.