Virginia, US

Senior Risk Analyst

Job Description

Fragomen is seeking a seasoned, dynamic Senior Risk Analyst to join our talented Information Security & Compliance Operations team in our Technology & Innovation Lab in Pittsburgh, PA.

A Fragomen career gives you the opportunity to work with a smart, motivated and diverse peer group. Our exclusive focus on immigration means you will practice in an exciting, ever-changing and challenging environment with people who are passionate about immigration. Working in a collegial, team-oriented environment, Fragomen employees learn from the industry's leading experts. Our firm commitment to quality and best practices is supported by technological innovation that benefits our clients and staff.

Fragomen strongly affirms that the demonstration of data privacy and security is critical to meet our obligations to our clients and distinguishes our business offerings in this competitive market.  We seek a professional, passionate about data privacy and security.  One who understands how to discover and evaluate risk, whilst supporting business objectives.  A candidate who is knowledgeable of the global regulatory landscape and capable of communicating the Firm’s efforts in this area.  You will be joining a small team of risk professionals, who will help make data privacy and security a distinguishing factor in our technological offerings. A successful candidate will demonstrate these competencies, support the development of a flexible and responsive GRC program, and possess excellent communication skills to communicate our security and data privacy efforts to our global partners and senior leadership.

The Senior Risk Analyst will report directly to the Senior Risk Analysis Manager.  Responsibilities will center around the refinement of the Firm’s risk management framework which will remain flexible to support our regulatory requirements and certification programs, identifying and quantifying risk in a coherent and manageable framework, and establish trend analysis that support broader risk-based business decisions. 

What a Senior Risk Analyst Does at Fragomen:

Operationalizing Risk Management:

  • Operationalize the Firm’s central risk framework used to record and manage current and emerging technical risk around our privacy and security obligations.
  • Perform process and data analysis focused on data privacy and security measures around applications and processes critical to the firm’s operational success.
  • Identify data privacy and security risk inherent in process and applications for mitigation and management efforts to provide data privacy and security by design and default.
  • Document business requirements for system enhancements required to support current and emerging regulatory and compliance mandates. 

Maintenance of the Firm’s Policy Framework:

  • Responsible for all Fragomen IT Policy development and maintenance including updates and managing the approval cycle as well as any new policy-related initiatives.

Assistance in GRC Operations:

  • Acquire fundamental knowledge of all five Compliance Operations areas to gain comprehensive knowledge of operations and better understand emerging risks.
  • Collaborate with partner GRC oriented teams such as the Office of Audit and Privacy, the Office of General Counsel, Information Security and Compliance to establish a clear risk management framework.
  • Collaborate with GRC oriented teams and legal/client relationship teams to continuously improve and demonstrate the firm’s commitment to data privacy and security.

Let’s Talk If You Have:

  • Strong understanding of information security and data privacy frameworks to include NIST Cyber Security Framework (CSF), NIST 800-53, ISO27X series, SOC2 and PCI a requirement.
  • Demonstrated knowledge of Data Privacy and Information Security regulatory landscape and trends in third party vendor requirements.
  • Knowledge of IT auditing principles
  • Total of 7 years of experience in the compliance field based on work history and/or education
  • Current CRISC, CISA, CISM preferred. CIA and/or CISSP is a plus.
  • Working knowledge of any industry GRC tool such as Archer, MetricStream, Riskonnect, etc.…, a plus.

About us:

Fragomen is the world’s leading single-focus provider of immigration guidance and support, backed by the best resources in the immigration services industry. The firm has more than 50 offices and over 4,000 employees located in key commercial centers throughout the Americas, EMEA and Asia Pacific. Fragomen offers immigration support in more than 170 countries.

The firm is structured to support all aspects of immigration, including strategic planning, compliance, government relations, reporting, and case management and processing. We represent a broad client base ranging from individuals and emerging businesses to many of the world’s leading multinational corporations.

Path Created with Sketch. US-Pittsburgh
Apply for a job