Information Security Risk Analyst

Job Description

*Remote Opportunity*

  • 2 years of relevant information security experience in governance, risk, and compliance programs or in a related field with similar job duties; must be able to demonstrate knowledge and experience in information security risk management, compliance, and governance
  • Knowledge and experience with applicable information security authoritative sources (legislation, business regulators, and audit standards), including HIPAA, Centers for Medicare & Medicaid Services (CMS), Payment Card Industry (PCI), MAR, SSAE 16, and GLBA
  • Knowledge and experience preferred with information technology, security, and service management frameworks, including COBIT, ITIL, NIST, FIPS, and ITSM
  • Knowledge and experience with information systems infrastructure and applications
  • Analytical, troubleshooting, and problem resolution skills
  • Ability to evaluate and test new techniques and technologies
  • Excellent written and verbal communication skills
  • Excellent relationship and team building skills
  • Knowledge of business operations is highly desirable

Required Certification:

  • Professional certification, including CISSP, CISM, CISA, GIAC, CRISC, or similar security certification


  • Assist the third-party risk management team in processing information related to vendors and partners in order to reduce risk to member and employee data
  • Initiate, monitor, process, and provide follow up on third-party information security vendor questionnaires for all in-scope relationships
  • Assemble relevant risk reporting for in-scope vendors
  • Support other members of the third-party risk management team in achieving the goals of the program, as directed and as trained
  • Support the risk identification and management process across all aspects of the enterprise
  • Assess the current adequacy of the security strategy and controls and the threats to the systems, then calculate the impact of potential adverse events on company assets
  • Provide risk assessments on a continual basis, as threat profiles change constantly
  • Keep executive management up to date on the results of the risk assessment and make recommendations for mitigations, or projects, to protect their systems or cover potential losses
  • Conduct projects related to compliance, control assurance, risk management, security, and infrastructure/information asset protection
  • Work on IT risk assessments for one or more IT functional areas across the enterprise
  • Develop security solutions for low- to medium-complexity assignments

Location: Remote
Must be located in one of the following states: TN, AL, GA, NC, MS, AR, or KY

TM Floyd & Company offers a generous array of benefits, depending on the length of assignment. We also offer a referral bonus of up to $1,000. Ask us for more details!

TM Floyd & Company participates in E-VERIFY
