IT Risk Analyst
Company Description
Have you imagined working in an environment driven by a passion and desire to not only outperform, but also outbehave the market? Since 2009, Flywire has been that company, creating solutions that break barriers, and teams that always look at the next disruptive way to move Flywire and its customers into the next phase of global payment solutions.
Job Description
This position will lead the collaboration and implementation of IT Security Policies, Procedures, and Standards. This is a hands-on position that requires a strong technical background in security best practices, IT controls, policy and procedure development.
Primary responsibility of the position is to monitor, evaluate and implement security controls to ensure the organization maintains its compliance to System and Organizational Controls (SOC), Purchase Card Industry Standard (PCI) and Health Insurance Portability and Accountability Act (HIPAA) across all departments and locations. They will lead the external audit process.
The Information Security Manager is a proven thought leader and problem solver, as well as, an effective internal consultant, who will regularly advise business leaders on information security risk issues. To perform this job successfully, an individual must be able to perform the Duties and Responsibilities below
Key Responsibilities
- Remain current with industry best practices and monitor the legal and regulatory environment for developments that could require changes to Flywire’s established policies, standards and practices
- Assist resource owners and IT staff with understanding and responding to security audit findings reported by internal and external auditors.
- Follow up on deficiencies identified in self-assessments, automated assessments and internal and external audits to ensure appropriate remediation measures are taken
- Manage and respond to client information security assessments/questionnaires and RFP’s
- Assess and remediate the internal control gaps to ensure that the company is conducting operations in accordance with established guidelines and regulations
- Manage audits including SOC II and PCI
Qualifications
FlyMate Skills & Qualifications
- Bachelor's degree or equivalent combination of education and/or experience
- Minimum of 4 years of experience in IT risk management or security
- Experience with information risk assessment methodology development and application
- Working knowledge of SOC II and PCI with practiced program alignment and integration
- Working knowledge of IT management frameworks such as National Institute of Standards and Technology (NIST) and/or Information Technology Infrastructure Library (ITIL)
- Strong verbal and written communication skills
- Ability to communicate clearly and effectively with technical and non-technical customers
- (Preferred) One or more current information security certifications such a CISM (Certified Information Security Manager) or CISSP (Certified Information Systems Security Professional)
Additional Information
With over 30 nationalities across 9 different offices, and diversity and inclusion at the core of our people agenda, we believe our FlyMates are our greatest asset, and we’re excited to watch our unique culture evolve with each new hire.