Sr. IT Risk Analyst

at Xerox in Springfield, Illinois, United States

Job Description

Sr. IT Risk Analyst

General Information

Press space or enter keys to toggle section visibility

Country

United States

Department

Information Management

Date

Thursday, July 25, 2024

Working time

Full-time

Ref#

20033706

Job Level

Specialist

Job Type

Experienced

Job Field

Information Management

Seniority Level

Mid-Senior Level

Currency

USD – United States – US

Annual Base Salary Minimum

83,520

Annual Base Salary Maximum

167,040

The salary range above represents the low and high end in the local currency of Xerox’s salary range for this position and is reflected in an annualized amount. Actual salaries will vary based on factors including, but not limited to, geographic location, market competition, and/or the successful applicant’s education, experience, knowledge, skills, and abilities. The range listed is just one component of Xerox’s total compensation package for employees. Employees are also afforded a comprehensive suite of benefits, to view those details please visit Xerox Careers for your applicable country. If you are not reviewing this job posting on Xerox Careers (https://xerox.avature.net/en\US/careers) , we cannot guarantee the validity of this posting. For a list of our current internal postings, please visit Xerox Careers (https://xerox.avature.net/en\US/careers) .

Description & Requirements

Press space or enter keys to toggle section visibility

About Xerox Holdings Corporation

For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we’ve expanded into software and services to sustainably power today’s workforce. From the office to industrial environments, our differentiated business solutions and financial services are designed to make every day work better for clients – no matter where that work is being done. Today, Xerox scientists and engineers are continuing our legacy of innovation with disruptive technologies in digital transformation, augmented reality, robotic process automation, additive manufacturing, Industrial Internet of Things and cleantech. Learn more at www.xerox.com and explore our commitment to diversity and inclusion. (https://www.xerox.com/en-us/jobs/diversity)

Primary Responsibilities:

+ Plans and manages the implementation of organization-wide processes and procedures, tools and techniques for the identification, assessment and management of risk inherent in the operation of business processes and of potential risks arising from planned IT-enabled change.

+ Protects and defends information and information systems by ensuring availability, integrity, authentication, confidentiality and non-repudiation. Provides consulting for restoration of information systems by ensuring that protection, detection and reaction capabilities are incorporated.

+ Ensures that appropriate action is taken to investigate and resolve incidents and problems in systems and services. Ensures that such incidents and problems are fully documented within the relevant reporting systems. Coordinates the implementation of agreed remedies and preventative measures.

+ Conducts risk assessments for business applications and computer installations; provides authoritative advice and guidance on security strategies to manage the identified risk. Investigates breaches of IT service disruptions and recommends appropriate control improvements. Interprets information risk policy and contributes to development of standards and guidelines.

+ Maintains an in-depth knowledge of specific technical specialisms and provides expert advice regarding their application. Can supervise technical specialists.

Specific Tasks include:

Business Risk Management

+ Advises on risk management policies, and contributes to the creation and publication of strategies for managing risk to the continuing effective operation of the business.

+ Plans and manages the implementation of organization-wide processes and procedures, tools and techniques, within a specific information risk area, for the identification, assessment, and management of risk inherent in the operation of business processes and of potential risks arising from planned IT-enabled change.

+ Identifies and categorizes strategic and operational risks.

+ Advises on the evaluation of identified risks (including probability/frequency of occurrence, impact, and severity).

+ Advises on appropriate action, including contingency planning, and countermeasures.

Information Assurance

+ Awareness of legal and best practices relating to availability, integrity, confidentiality, privacy, etc.

+ Recommends appropriate and practical performance measures and tracks compliance.

+ In the context of Business Continuity, assesses protection, detection, and reaction capabilities, to determine whether they are sufficient to support restoration of information systems in a secure manner.

Information Risk

+ Conducts assessments of threats to confidentiality, integrity, availability, accountability and relevant compliance. Participates in security control reviews, business risk assessments, and reviews that follow significant breaches of security controls or IT service disruptions.

+ Contributes to the development and promotion of the technical specialize. Recommends quality standards and policies relating to the technical specialize.

+ Maintains knowledge of the technical specialism at the detailed and comprehensive level.

+ Keeps in close touch with and contributes to current developments in the technical specialism within Xerox.

Requirements:

+ Previous experience with security and risk consulting.

+ A broad understanding across security domains.

+ Knowledge of and experience in security requirements, standards and practices (ex. ISO standards).

+ Holds CISSP, CISM or CISA is preferred.

+ Demonstrate sound judgment to assess highest priorities; ability to manage time and resources appropriately

+ Strong communication, organizational, and interpersonal skills; attention to detail a must

+ Must be a highly motivated, have lots of energy, and be able to learn and work with little supervision

+ Strong oral communication skills and ability to communicate with all levels of management.

\#LI-MD1

\#LI-REMOTE

Xerox is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, sex, marital status, sexual orientation, physical or mental disability, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. Learn more at www.xerox.com and explore our commitment to diversity and inclusion: https://www.xerox.com/en-us/jobs/diversity People with disabilities who need a reasonable accommodation to apply or compete for employment with Xerox may request such accommodation(s) by sending an e-mail to XeroxStaffingAdminCenter@xerox.com. Be sure to include your name, the job you are interested in, and the accommodation you are seeking.