IT Risk Analyst

Position can be located in Minneapolis or Atlanta.

Who We Want:
You are someone who, when asked to do the impossible, responds with a grin — “Bring it on!” You want a job, not because it is easy, but because you get to drive real transformational change. You are someone who is passionate about identifying, communicating, and reducing risk. For you, Information Security is a passion and not just a job.

What We Do:
Delta Information Security Governance (ISG) is leading the effort to mature Delta’s growing Information Security practice. The team is actively working to implement a controls focused mindset, shift our approach from a compliance focus to a risk focus, and establish meaningful metrics to truly measure Enterprise Risk and the effectiveness of the Information Security practice. We partner closely with others in the Information Security Division to drive aligned results. We have the opportunity to drive meaningful change through a well-established, well respected company leading the Aviation Industry.

Responsibilities:
Participate in vendor risk management activities including but not limited to risk assessments, gap analysis, and process improvements. Work across multiple Delta portfolios, projects, and technology areas in assessing third party solutions. Track identified findings of non-compliance with Delta standards to remediation or to an acceptable level of risk. Support the design, testing, evaluation, implementation, and deployment of security systems/devices used to safeguard the organization’s information assets. Responsible for analyzing the information security environment and assisting with the development of security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure. Provide accurate and up-to-date security metrics to senior management.

Qualifications:
2-6 years of experience in Information Security Risk Management

WHAT ARE WE LOOKING FOR? / WHAT EXPERIENCE DO YOU NEED?
Experience in assessing risk associated to vendor engagements involving application development, application support, and / or infrastructure services
Foundational knowledge of common security control frameworks, e.g., ISO, NIST, CIS Controls
Basic understanding of cloud computing technologies
Demonstrate strong teamwork and interpersonal skills to all levels of organization
Ability to influence with or without authority to achieve desired outcomes
Balance and successfully manage competing priorities
Keep abreast of industry trends through benchmarking, participation in professional associations etc. in order to advise others of optimal sourcing opportunities
Customer Focused: Passionate drive to delight our customers and offer unique solutions that deliver on their expectations
Critical Thinking: Thoughtful process of analyzing data and problem solving data to reach a well-reasoned solution
Team Mentality: Partnering effectively to drive our culture and execute on our common goals
Willingness to travel as needed to support this role

#LI-LOK