Job Title:Senior Security Risk Management Analystdate Revised / Created: 10/26/2017

Job Description

Job Title:Senior Security Risk Management AnalystDate Revised / Created: 10/26/2017

Job Code:Previous Job Title(if revised):

Division: LegalPrevious Job Code(if revised):

Part of Job Family: No

If yes, list other jobs in family:

Disclaimer

This job description is not intended, and should not be construed to be, an exhaustive list of all responsibilities, skills, efforts or working conditions associated with the job. It is intended, however, to be an accurate reflection of those principal job elements essential for making decisions related to job performance, employee development and compensation. The incumbent may perform other duties and responsibilities at the sole discretion of WoodmenLife.

General Position Summary

Responsible for performing corporate security risk management analysis that may involve wide-ranging risk and business impact evaluations. Minimize exposure to the company by working closely with individual business units, auditors, and third party vendors. Design and track security programs and operations, assess security performance and build relationships with company internal clients.

Travel (% of work period)

20%

Essential Job Functions

List 6-10

• Responsible for assessing the security performance of WoodmenLife and third-party facilities and information resources used by the Organization to access, create, receive, maintain, process or otherwise use information that is protected by WoodmenLife policy and/or law.
• Assist in the designing and tracking of WoodmenLife’s security program and operations, along with executing tactical initiatives set forth by WoodmenLife Management.
• Research and analyze industry trends, best practices and regulatory requirements in order to assist with the development, maintenance, and enforcement of risk based security policies, processes, and standards.
• Provide complex analytical, audit and project support in risk measurement and control analysis, development and validation of controls
• Execute, properly document, and present reports of security audit results to the Organizations leadership team. The reports will include thorough audit documentation, findings and recommended solutions, alternatives, and procedural changes to help reduce security risks.
• Assist with maintaining the Organizations compliance with WoodmenLife’s policies, standards, procedures, and all applicable laws.
• Assist with the planning and conducting risk assessments to evaluate security risks associated with the Organizations information resources and physical assets.
• Provides expertise and coordinates with other subject matter experts to mitigate Corporate Security risks and to correct compliance exposures and gaps.Meets expectations for attendance and punctuality in accordance with the expectations established by your supervisor and WoodmenLife policy.
• Performs other duties as assigned by management.

PreferredQualifications

List 6-10

This job requires a background that demonstrates the following minimum knowledge, skills, talents and traits:

• Bachelor’s Degree in Business, Computer Science, Information Assurance, Management Information Systems or equivalent education and/or experience.
• 3+ years of experience in Risk Management, Information Security, IT Audit, Information Assurance, Compliance, and/or Physical Security, preferably in the financial services industry.
• Certified Information Systems Auditor (CISA) or other similar information systems audit certification.
• Experience in developing policy and procedures with regard to security administrative, technology and physical safeguards.
• Knowledge in various areas, such as: Identity and Access Management, Threat and Vulnerability Management, Information Risk and Governance, IT Architecture, Monitoring, Incident Response, Security Strategy, and Physical Security.
• Knowledge of generally accepted information security audit standards, statements and practices, and information security and control practices, and physical security standards.
• Strong interpersonal skills and the ability to communicate clearly and effectively both verbally and in writing.
• Strong observational and analytical skills
• Strong physical security and information security skills and knowledge
• Ability to use sound judgment and logic to solve problems.
• Ability to work independently and to meet deliverables.

• The ability to provide seamless, trustworthy, attentive and resourceful (S.T.A.R.) customer service.
• Engages well with others and are passionate about providing an exemplary customer experience.

Additional Requirements:

This job requires a professional license or certification. This is a Sales job located within the Home Office

[ X ] False[X ] False

[ ] True – Professional License Verification[ ] True – Insurance Dept Complaint

This job requires a commercial/chauffeur/driver’s license.This job is required to comply with SEC Rule 240.17F-2.

[X ] False [X ] False

[ ] True – MVR Request [ ] True – Fingerprinting

Physical Requirements for the Essential Job Functions

Job Title:Sr. Security Risk Management Analyst

Percentage (%) of work period

Physical Demands / N/A or seldom / 1-33% / 34-66% / >66% / Comments
1 / Keyboarding/Writing (working primarily with fingers) / X / Working primarily with fingers, includes rapidrepetitive finger motions, pinching, picking.
2 / Handling (working primarily with hands such as grasping, turning, sorting) / X / Working primarily with hands such as grasping, turning; sorting and filing.
3 / Paced Work (physical productivity/quota demands) / X / Productivity goals/quota that require inputting/sorting/moving body parts in rapid motion or pace to meet demand.
4 / Static reaching (working with elbows away from body) / X / Working with elbows away from the body.
5 / Reaching above shoulder(s) / X / Extending hands and arms above shoulder level.
6 / Sitting / X / Jobs that require sitting most of the day “sedentary” not necessarily “confinement.”
7 / Confinement to work areas / X / Limited ability to move around due to machine paced tasks or constant contact of one or more body parts to instruments or tools. (Wearing a headset)
8 / Standing/Walking / X / Remaining on ones feet in an upright position or moving about by foot.
9 / Bending/Stooping / X / Bending body downward and forward by bending spine at the waist. Stooping/Squatting -bending at hip and knees requiring full use of lower extremities and back muscles
10 / Climbing / X / Ascending or descending ladders, stairs, scaffoldings and the like, using feet and legs or hands and arms.
11 / Talking (required use of voice) / X / Required use of voice to complete job demands.
12 / Near Vision / X / Clarity of vision at 20 inches or less.
13 / Far Vision / X / Clarity of vision at 20 feet or more.
14 / Environmental Conditions/Exposure to weather / X / Working outside in atmospheric conditions.
15 / Environmental Conditions/Exposure to fumes/odors / X / Working around chemicals that give off odors/fumes.
16 / Hearing / X / Perceiving the nature of sounds by ear.
17 / Hearing protection required? / Yes [ ] / No [x]
Weight/Force Repetition / N/A or seldom / 1-33%
1-32 reps per day / 34-66% 33-200 reps per day / >66% 200 reps per day / 10-19 lbs. / 20-50 lbs. / >50 lbs.
18 / Lifting/Carrying
Lifting-raising or lowering an object from on level to another. Carrying-transporting an object usually holding it in hands/arms or on shoulders. (Weight in pounds) / X / X
19 / Pushing/Pulling (lbs. of force)
Exerting force upon an object so that the object moves either towards or away from the force. This differs from weight. / X / X

Definitions:

Percentage of work period: 1-33% = Occasionally; 34-66% = Frequent; >66% = Constant

The symbol “>” = Greater than.

The abbreviation “Reps.” = repetitions or number of times

Woodmen of the World Life Insurance Society: Omaha, NE1 of 3