IT Risk Management Analyst with Security Clearance

V-Soft Consulting is currently hiring for an IT Risk Management Analyst for our premier client in Bannockburn, Illinois. Ideally someone who is CRISC certfied. Education and Experience "
Bachelors or equivalent.
3-5+ Years of Experience in Information Technology preferably in Cybersecurity
Preferably at least 3-5+ years' experience in cybersecurity, risk management, compliance, IT governance, or other related functions.
3-5+ years experience authoring and managing IT and Security Policies, Procedures, and/or Standards.
2+ years experience performing IT or Security assessments or audits.
Experience supporting risk management processes including risk register, treatment/remediation, POAM, or reporting.
Demonstrable experience in supporting security metric and risk reporting programs. Knowledge, Skills and Abilities "
Knowledge and demonstrable experience utilizing / assessing against common security and controls frameworks: COSO / CoBIT, NIST CSF, NIST 800-53, NIST 800-37, ISO27001, CIS Controls (or equivalent).
Knowledge and demonstrable experience utilizing common risk management tools: Archer, ServiceNow IRM, MetricStream, or similar.
Excellent writer who can draft new policy, procedure, and standard materials and is also comfortable updating existing materials.
Great communicator that can articulate risk concepts to both technical and non-technical audiences.
Great listener that can capture and understand stakeholder requirements to translate into security controls.
Multi-tasker who is comfortable supporting parallel initiatives with attention to detail.
Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively. WHAT YOU'LL DO:
Job Responsibilities:
Build relationships, advocate, and consult to different functional and business stakeholder groups on areas of IT and Security Policy.
Manage IT and Security policy review, training, and development schedule.
Support development and lead management of security policies, procedures, and standards.
Support the risk assessment, risk register, risk treatment, and risk reporting process.
Support the cybersecurity awareness and training programs, including the phishing simulation program.
Support the customer cyber due diligence and vendor cyber risk processes.
Support general IT Risk Management activities as needed.
Support and manage compliance metric reporting and dashboard development as needed.
Perform other duties and responsibilities, as assigned. Interested?
Qualified candidates should send their resumes to