Info Security Sr Analyst (risk frameworks and assessments)

Employment Type

: Full-Time


: Miscellaneous

What you'll do:

Join the Information Security Risk Management team where you'll help set direction for managing Information Security Risk across the enterprise. If you are passionate about managing risk, have a background in performing assessments, and a mind for reporting, this is a job for you!

Here are few examples of the kinds of things you’ll do:

  • Help craft and maintain Principal’s Information Security Risk Management Framework
  • Partner with our Risk Assessment teams to provide them with the tools and methods needed to better assess risk at vendor, information system, business unit, and enterprise level
  • Risk quantification, risk reporting, assessment design, control selection, and work with our Archer Development team
  • Collaborate with our operational risk community along with other partners in the business to help provide clear communication around the overall risk posture

  • What you'll get from us:

  • Competitive pay, benefits, perks and more. We’ll reward you for the skills and experience you have.
  • A great place to live, work and play. Greater Des Moines is one of the fastest-growing metro areas in the country. Given its vibrant and welcoming culture, it’s no wonder Des Moines has garnered so much national recognition—including #3 Best Affordable Place to Live (U.S. News & World Report, 2019).
  • Respect for your unique perspective. Diversity, inclusion and empowerment are at the core of our culture.
  • A career, not just a job. Principal is a place where you can learn and innovate. Do important work. Make an impact. And achieve your professional goals.
  • The ability to have a great job and a great life . Sure, work is important. But so is your family. And your friends. And your community. That’s why we provide the flexibility needed to find the right balance between your job and the rest of your life.

  • Qualifications:

    We’re looking for someone with:

  • Associate's or Bachelor's degree with a preference in a computer science, technology, engineering, or math related field or equivalent work experience
  • 6+ years of experience in compliance, governance or other security-related field
  • Experience in performing risk assessments and building risk management frameworks
  • Effectively communicate sophisticated security intel to a broad variety of internal and potential external audiences.
  • Must have strong analytical skills and attention to detail
  • Additional preferred technical experience:

  • NIST 800-53, NIST 800-37, and the FAIR method are big pluses

  • Job Level:

    Willing to consider applicants at multiple job levels. 

    Launch your career - Create your profile now!

    Create your Profile

    Loading some great jobs for you...