Senior Information Security Risk Analyst

at Jumio
🇮🇳 India - Remote
🔒 Cybersecurity🟣 Senior

Job description

Role Purpose:

The  Risk Analyst operates within the governance, risk & compliance service provided by the Jumio security function.

The Risk Analyst will be responsible for identifying, analyzing, and influencing the management of information risks across the organization.

Role Value:

The role holder reports into the GRC Lead and they need to positively influence other members of the security team as well as other departments across Jumio.

Responsibilities:

The key responsibilities of the role  are as follows:

Information Security Risk Management

  • Conducts information security risk assessments of internal processes,applications and software solutions.
  • Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.
  • Identifies, analyzes, assesses, monitors, and tracks risks in the information security risk register.
  • Collaborates with internal stakeholders (Engineering , HR , Machine Learning , IT , Finance , Sales, Privacy,Legal, etc.) as part of the risk management program.
  • Participates in ad-hoc, non-systematic risk assessment requests.
  • Evaluates and manages security exception requests, ensuring compliance with security standards and mitigating associated risks.
  • Prepares security exception risk profile and reports to relevant stakeholders.

Third Party Risk Management

  • You support the delivery of vendor risk management and security assurance services, for high-speed business initiatives.  You perform focused risks assessments of existing or new services and technologies.
  • Identify and collaborate with internal groups with outsourcing and vendor oversight responsibilities to reduce duplication of effort and ensure overall compliance with the program.

Governance Risk & Compliance

  • You support governance risk and compliance activities within the ISMS
  • Supporting the ongoing maintenance of independent security certification activities for SOC2, ISO 27001 and PCI DSS.
  • You support the management and high-quality output from the GRC Platform.
  • You support our security compliance monitoring model.
  • You support the maintenance of security KPI metrics and reporting regularly.
  • You support the delivery of security awareness training and knowledge to all staff.
  • You support the management of security policies and processes, to ensure operational efficiency, meet regulatory compliance, and support regional demands.
  • You support external and internal audit activities as required.
  • You assist fellow Jumio’s in understanding and pragmatically responding to security audit findings.
  • Stays updated with the latest cybersecurity trends, emerging threats, and industry developments to provide proactive risk mitigation recommendations.

Qualifications, Experience & Skills Required

  • Experience in managing GRC solutions, and familiarity with Eramba or equivalent.
  • Experience in managing 3rd party vendor assurance tools.
  • Experience in supporting fast-paced GRC capabilities.
  • An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions that optimize the trade-off between risk mitigation and business performance
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
  • An ability to effectively influence others to modify their opinions, plans, or behaviours
  • You are a strong communicator, and you get your message across well and clearly, you make people interested in listening to you.
  • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
  • Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part
  • An ability to work on several tasks simultaneously and pay attention to sources of information from inside and outside one’s network within an organization
  • You move at speed and enjoy working within a fast-paced, dynamic environment.
  • You’ll need passion and energy for the subject; you’ll care about shaping positive outcomes.
  • You’ll need to have a strong desire and hunger to learn as much as possible.
  • You’ll have a willingness to embrace change, adapt and evolve to meet the needs of the subjects we manage.

Great to have Experience and Qualifications:

  • 3+  years of work experience in information security, especially in an Information Risk Analysis role
  • 3+  years of experience in a Security Risk Management (SRM) and/or IT Audit role
  • 3+ years of experience with regulatory compliance and information security management frameworks (SOC2,  IS0 27000, and PCI DSS)
  • Desirable to be Certified Information Systems Security Professional (CISSP), Certified Information Security  Manager (CISM), and/or Certified Information Systems Auditor (CISA)
  • BS or MA in Business, Computer Science, Information Security, or a related field

Key Characteristics and Attitudes:

  • Positive energy and outcome-driven

  • Passion for the subject

  • Happy moving subjects along at a pace with minimum details by implementing them

  • Enjoy working in a self-organizing team environment

  • Thinks further than the solution appears to require

  • Adaptable and flexible

  • Fast learner, high capacity for abstract thinking and structured approach to work

  • The big picture and the detail

  • High IQ and EQ

  • Excellent analytical, conceptual and communications skills in spoken and written English

  • Articulate and persuasive

Jumio Values:

IDEAL: Integrity, Diversity, Empowerment, Accountability, Leading Innovation

Equal Opportunities:

Jumio is a collaboration of people with different ideas, strengths, interests and cultures. We welcome applications and colleagues from all backgrounds and of all statuses.

About Jumio:

Jumio is a B2B technology company dedicated to eradicating online identity fraud, money laundering and other financial crimes to help make the internet safer. We leverage AI, biometrics, machine learning, liveness detection and automation to create solutions that are trusted by leading brands worldwide and respected by industry thought leaders.

Jumio is the leading provider of online identity verification, eKYC and AML solutions. With a global footprint, we’re expanding the team to meet strong client demand across a range of industries including Financial Services, Travel, Sharing Economy, Fintech, Gaming, and others.

Applicant Data Privacy

We will only use your personal information in connection with Jumio’s application, recruitment, and hiring processes, as described in Jumio’s Applicant Privacy Notice. If you have any questions or comments, please send an email to [email protected].

Share this job:
Please let Jumio know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at Jumio

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply