Senior Information Security Risk Analyst

See yourself at Radian? We see you here too. At Radian, we see you. For the person you are and the potential you hold. That’s why we’ve embraced a new way of working that lets our people across the country be themselves, be their best and be their boldest. Because when each of us is truly seen, each of us gives our best – and at Radian, we’ll give you our best right back. See Yourself as a Senior Information Security Rick Analyst As part of Radian's Information Security Risk Assessment Program -- under the direction of the VP Information Security GRC – the Sr. Information Security Compliance Analyst’s essential functions involve core compliance activities as well as risk identification, measurement, mitigation, monitoring and reporting. Key responsibilities include: Conduct compliance with contractual and regulatory activities. Conduct risk analysis and assessments using internal tools and third-party vendor partners. Assess applicable threats and their probability and potential impact to confidential information and/or business operations. Review third-party attestation, security rating and audit reports. Work with Business and the Procurement Teams to ensure results are clearly articulated and, if needed, recommend remediation options commensurate with risk. Transpose risk assessment results into understandable terms for senior leadership and to assist the business in making beneficial decisions for the Company. Contribute to the ongoing development and maturity of the Information Security Program by identifying opportunities for improvement including process and methodological enhancements, areas for automation/integration, and staff training. See the Primary Duties and Responsibilities Manage Third Party Risk Management vendor security assessment (VSA) process. Ensure VSAs are complete, accurate and delivered back to the business within SLA. Work with Procurement and Vendor Management team as appropriate. Manage the GRC tool (Lock path) and work with vendor support (Navex) as appropriate. Measure and report KPIs monthly to executive team. Oversee daily work for one Staff Aug. resource. Conduct compliance activities such as 23 NYCRR 500 reporting, NIST CSF mapping, and legal / contractual reviews Develop and drive control mapping to risks and associated security risk frameworks; track changes in threats, impacts and control effectiveness to inform updates over time. Build and maintain risk documentation including security risk register with assessment output. Manage monthly register reporting and conduct quarterly meetings with Information Security team. Research, design and implement tools and measures to automate risk management and risk reporting tasks where feasible. Manage process effectiveness, measurement and optimization. Manage oversight and monitoring of risk mitigation and coordination of policy and controls with the GRC Team to ensure risk owners, initiative owners and other key partners are taking effective and timely remediation steps. Prepare reports and presentations on the state of information security risks and the information security risk program on a regular basis and when ad-hoc requests arise. Perform other duties as assigned or apparent. See the Job Specifications Your Education and Prior Work-Related Experience: Degree Requirement: Bachelor's Degree Work Experience: 5 or more years of prior work related experience Your Qualifications: Demonstrated knowledge and understanding of information technology, systems and architecture. Expertise in technology and information risk assessments and identifying technology and internal controls necessary to mitigate risk. Knowledgeable of technical security standards such as NIST and ISO. Knowledge of audit and compliance frameworks and reporting, including SOC, SOX, NIST, COSO, SIG/SCA, ISO, etc. 3 years of relevant work experience in IT risk management, Information Security, Internal Audit, Information Technology, Risk Management, Compliance or other relevant field. Ability to conduct risk identification, risk assessments, threat modelling, risk treatment measures including risk acceptance, governance including measuring/monitoring/reporting, risk aggregation, control assessments & controls testing, etc. Ability to articulate risks and communicate effectively to various levels of management. Ability to create and implement program structure and process and to help automate tasks wherever feasible. Ability to support Legal Team when issues arise in relation to the contract negotiation of the vendor's security practices a plus. Ability to translate complex technical terms into plain language for business representatives and stakeholders. Ability to work effectively with a wide range of individuals including developers, systems administrators, executives, customers, regulators, auditors, etc. Excellent analytical and process development skills. Preferred Education Level: Master’s Degree (Information Security, Security Assurance, or related) Preferred Years of Prior Work-Related Experience: 5-8 years Other Qualifications, including any special skills, capabilities, and competencies: CISSP, CRISC, CISA, CISM or equivalent See Your Location Radian is committed to a flexible work environment for many of our roles. This role is hybrid and will provide you the flexibility to work both in office and at your designated *Work From Anywhere* location each week. *Work From Anywhere is subject to Radian’s Alternative Work Policy and business needs See Why You Should Work With Us Competitive Compensation: Competitive Compensation: anticipated base salary from $86,000 to $133,000 based on skills and experience. This position is eligible to participate in an annual incentive program. Our Company Makes an Impact. We’ve been recognized by multiple organizations like Bloomberg’s Gender-Equality Index, HousingWire’s Tech 100, and The Forum of Executive Women’s Champion of Board Diversity. Radian has also pledged to PwC’s CEO Action for Diversity & Inclusion commitment. Rest and Relaxation. Generous time off starting day one, 9 paid holidays 1 floating holiday in support of our DEI culture. Health Benefits. Multiple medical plan choices, including HSA and FSA options, dental, and vision. Prepare for your Future. 401(k) with a top of market company match (did we mention the company match is immediately vested?!) Paid Parental Leave. An opportunity for all new parents to embrace this exciting change in their lives. Employee Assistance and Discount Programs. From helping you navigate the healthcare system, to providing resources and assistance to parents and caregivers of children with development disabilities, to scoring discounts with thousands of retailers. Pet Insurance. To help protect our furry family members. See More About Radian Radian is a fintech servicing the mortgage and real estate services industry. As a team, we pride ourselves on seeing the potential of every person, every idea and every day. Seeing each other at Radian goes far beyond our open, flexible culture. It means seeing our people’s potential – and creating inspiring career paths that help them get there. Or seeing new pathways and innovating for the future of our industry. It means seeing each other for all that we are. And it means seeing our purpose as one that extends beyond the bottom line – having an impact on communities across the country to help more people achieve the American Dream of homeownership. We hope you’ll see yourself at Radian. See more about us at Radian.com. Defining Roles for Radian's Future Understanding the qualities and characteristics that define a Leader and an Employee is important to building our future-fit workforce. Radian's future is only as bright as its people. For that reason, our People Plan includes profiles to support the qualities and characteristics that each Leader as well as each Employee should embody upon hire or via development. EEO Statement Radian complies with all applicable federal, state, and local laws prohibiting discrimination in employment. All qualified applicants will receive consideration for employment without regard to gender, age, race, color, religious creed, marital status, gender identity, sexual orientation, national origin, ethnicity, ancestry, citizenship, genetic information, disability, protected veteran status or any other characteristic protected by applicable federal, state, or local law. Equal Opportunity Employer Details To learn more about Radian’s Code of Conduct and Ethics and workplace conduct, please click [here]. Radian participates in E-Verify [Link] (en español [Link]). Learn more about your rights under immigration laws [Link] (en español [Link]). Accommodation Whether you require an accommodation for the job application or interview process, Radian is dedicated to a barrier-free employment process and encourages a diverse workforce. If you have questions about the accommodation process, please e-mail careers@radian.com.