20 days old

Sr. Information Security Risk Analyst

Discovery Inc
Silver Spring, MD 20901
Apply Now
Apply on the Company Site
  • Job Code
Discovery Inc

Location: Silver Spring, Maryland, United States,
Req ID: 30106


Reporting directly to the Director, Information Security Risk Management, the Senior Information Security Risk Analyst will support the assessment of third party risks globally. Assists in ensuring overall adherence to information security policy and standards and implementation of best practices by third parties with whom Discovery engages. Responsibilities will include business-as-usual delivery on risk assessments, contract reviews, consultation, and leading process improvement efforts.

The Analyst is a technology and process focused security professional with an understanding of data protection threats and mitigating controls. This role requires the ability to understand and assess information security risks posed and clearly communicate those risks to the business. It will apply global IT industry best practices to ensure Discovery uses information security risk management to foster business-enabling insights.


  • 5-7 years experience in information security and/or third party risk management
  • Bachelor's degree in Information Security, Computer Science or IT-related field , 5-7 years equivalent experience without a degree
  • CISSP, CRISC, CISM, CISA, Security Plus preferred
  • Knowledge of IP network infrastructure (firewalls, intrusion detection/prevention), access control, data encryption and physical security; Cloud security knowledge a plus
  • Ability to identify, and assess IT security controls against Discovery policies and standards and identify and communicate gaps
  • Ability to work collaboratively as part of a team, and across both business and technology functions
  • Detail-oriented individual with critical thinking, analytical, and problem solving skills
  • Demonstrated ability to interact, build relationships, and communicate well with members of team and management
  • Excellent communication skills, including the ability to present complex topics in clear, non-technical language; outstanding analytical, writing, and oral presentation skills
  • Demonstrated ability to be proactive, take ownership of and solve problems, and to deliver work products which are consistent with sound and ethical business practices, and common sense;
  • Active learner - able to enhance personal, professional, and business growth through new knowledge and experiences
  • Must have the legal right to work


  • Work with business and vendor to understand the what and how of services provided in order to assess level of risk and scope of assessment
  • Assess vendor controls to identify, document, and communicate key deficiencies to the business and Information Security management
  • Coordinate across Information Security teams to incorporate technical reviews into overall assessment
  • Report on assessment outcomes, risk level and associated recommendations to remediate issues
  • Review contracts to ensure appropriate data security terms are included
  • Monitor corrective action plans against agreed upon timelines and actions and review evidence for closure
  • Periodically reach out to vendors hosting our data regarding current threats to ensure they are taking necessary steps to reduce exposure
  • Contribute to the teams continuous improvement efforts by identifying opportunities and helping to implement them


Posted: 2021-10-08 Expires: 2021-11-09

Job Opportunities

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Sr. Information Security Risk Analyst

Discovery Inc
Silver Spring, MD 20901

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast