JOB REQUIREMENTS: Data Security Risk Analyst/Auditor - 19597 DESCRIPTION/RESPONSIBILITIES: Requisition #:19597 Functional Area: Audit/Risk/Compliance Employment Type: Full-Time Work Options: Remote / Work from Home in the US #LI-Remote Work Hours: Standard business hours Position Summary The Data Security Risk Analyst / Auditor position is responsible for assisting the Sr. Data Security Manager with evaluating conformance to data security standards and enforcing corporate data security and privacy controls. This position is part of the Risk & Compliance team, segregated from business units such as IT and others which control Company services in order to maintain objectivity in its audit oversight role. The Risk & Compliance department provides support in the areas of Enterprise Risk Management, Data Security Compliance, Intellectual Property Protection, Contract/Legal Review and Records & Forms Management. This position is able to work 100% remote, onsite at our corporate headquarters in Neenah, WI, or in a hybrid capacity. Job Responsibilities * Responds to customer written and verbal requests for detailed information about J. J. Keller\'s security and privacy strategy and implementation. * Analyzes reports of security incidents and prepares tactical and strategic actions required to respond; assists with analysis of incident to determine root cause. * Evaluates suitability of security measures and controls to protect organizational data from unauthorized access, disclosure, modification or destruction; recommends improvements. * Conducts internal audits of administrative and technical controls to assess compliance with data security and privacy policies, procedures, standards, and/or regulations. Completes audit documentation. * Provides consulting to business units on interpretation of audit results, adequacy of proposed remediation of control gaps, and recommendations for overcoming shortfalls. * Assists in updating the information security management system risk model to manage cyber risks associated with business activities and technical implementations. * Collaborates with IT Infrastructure team on monitoring security services provided by outside vendors (IDS/IPS/SIEM, reviews of developed code, vulnerability scanning, and annual penetration test). * Assesses data security and privacy practices of new company vendors; regularly reviews practices of existing vendors to ensure company requirements are being met. * Advises Contracts team on data security and privacy language included in proposed customer and vendor contracts. * Keeps up-to-date with changing trends in customer requirements, technology, security, and compliance, along with knowledge of Company services, the infrastructure on which they run, and the hardware and software supported. Advises company leadership on emerging trends and potential impact on the company. * Administers the AuditBoardauditing system for Risk & Compliance and other company users; performs system configuration, user training, and consultation. * Carries out responsibilities in a fair, ethical and non-discriminatory manner. Benefits * Medical / Dental / Vision Insurance * Annual Reviews, Merit Increases+Quarterly Bonus Program * 401(k) with Employer Match * Annual Profit Sharing * 17 PTO Days + 8 Paid Company Holidays + 1 Paid Floating Holiday * Work/Life Balance & Flex Time * Annual Learning & Development Subscriptions J. J. Keller & Associates, Inc. isan Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class. Nearest Major Market: Oshkosh Nearest Secondary Market: Appleton Job Segment: Intellectual Property, Cloud, Compliance, Testing, R&D, Legal, Technology, Research ** *** OTHER EXPERIENCE AND QUALIFICATIONS: Qualifications Experience: * Experience working with information security or auditing. * Experience with risk assessment. * Experience with investigating data security incidences and asking probing questions. Education: * Bachelor\'s Degree in Business or Technology related field with a focus on information security. * Desired Certifications: CISSP, CISA, CIA, CRISC, CISM, GIAC, or CEH. Other Skills/Qualifications: * Knowledge of information security technology, disaster recovery and business continuity planning, cloud technologies, firewalls, intrusion detection systems, data loss protection, identity and access management, anti-malware, and SIEM technologies. * Knowledge of one or more of the following: NIST Cybersecurity Standard and ISO 27001:2022; 18 CIS Critical Security Controls; privacy laws including GDPR, CCPA and US States. * Must be effective in working across organizational boundaries to build a case for change and work with others to execute the change. * Enhanced organizational and prioritization skills. * Ability to work independently and meet deadlines. * High attention to detail and strong analytical skills. ***** APPLICATION INSTRUCTIONS: Apply Online: https://ars2.equest.com/?response_id=8180cef5176343ed50761c16a0b79183 Other: Applicants ONLY to apply via URL link provided!