InfoRisk Managememt Analyst

We are looking for candidates with strong technical expertise to fill this role. Below are the details of the position:

Job Summary:

We are seeking an Information Control Testing Specialist to join our Enterprise Technology & Services (ETS) team. In this role, you will collaborate with various service areas within ETS to act as a trusted partner and domain expert, helping protect the organization’s information assets. You will participate in global projects and initiatives to ensure information risk is effectively managed, perform security risk assessments, and provide consulting support for tool and service implementations.

The role also involves working closely with infrastructure, development, and application teams to implement and monitor security controls, ensuring adherence to information security policies, procedures, and standards. You will report on the effectiveness of these controls to senior management.

Candidate Value Proposition

• Exposure to emerging technologies
  , including AI and cloud deployment models
  .
• Hands‑on experience conducting risk assessments and deepening technical architecture knowledge.
• Experience working with risk dashboards and project‑based learning initiatives.
• Career‑enhancing exposure to modern infrastructure and AI‑related technologies
  .

Key Responsibilities

• Assist project teams in identifying and validating security requirements or lead information risk assessments.
• Conduct in‑depth technical risk assessments to ensure security safeguards align with corporate security policies and standards.
• Provide recommendations and guidance to ETS service areas on information security requirements and best practices.
• Participate in Go‑Live Acceptance Reviews for new infrastructure and services.
• Prepare and deliver risk assessment reports in accordance with internal governance standards.
• Support other information risk management activities as assigned.

Must‑Have Skills

• Minimum 5 years of experience in information security and information risk management.
• Strong understanding of security architecture and controls across multiple infrastructure platforms, including:
• Windows, Unix, Red Hat Linux, virtual hosting, networking, end‑user technologies.
• Cloud computing models:
  IaaS
  , PaaS
  , and SaaS
  .
• Hands‑on experience with security technologies such as:
• SIEM/big data solutions for security monitoring.
• Network Access Control (NAC), vulnerability management tools.
• PKI/Encryption, Advanced Persistent Threat (APT) solutions (e.g., Fire Eye, Zscaler).
• Firewalls, IPS, WAF.
• Familiarity with frameworks like OWASP
  , SANS
  , and penetration testing methodologies.
• Knowledge of application security best practices
  , including secure coding and security testing techniques.
• Working experience with:
• Cloud platforms:
  Azure
  , AWS
  , or GCP
  .
• Windows services:
  Active Directory
  , DNS
  , IIS
  , MSSQL
  .
• Federated services and protocols:
  ADFS
  , SAML
  .

Nice‑to‑Have Skills

• Understanding of AI technologies and their deployment models.

Education & Certifications

• Bachelor’s degree in Computer Science
  , Information Technology
  , or a related field.
• Certifications such as CISSP
  , CISA
  , CISM
  , or CEH are considered strong assets.

Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status