CrawlJobs Logo

Security risk analyst - Issue and policy exception

amgen.com Logo

Amgen

Location Icon

Location:
India , Hyderabad

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are looking for a highly skilled and motivated analyst to join the policy exception and issue management team. The individual must be capable of working with minimal supervision after initial training. The individual must be client focused with an eye for streamlining of process. This role requires the ability to navigate ServiceNow ticket management and reporting.

Job Responsibility:

  • Day to day queue management for the policy exception and issue records
  • Host weekly office hours calls for stakeholder support and the advancement of the records
  • Perform initial ticket triage to ensure healthy records for further processing
  • Monitor tickets and investigate the instances of delay in processing
  • Escalate conditions or concerns to management and leads regularly
  • Communicate in a brief manner via email/text and reliably update the associated tickets for good document practice

Requirements:

  • Bachelor’s degree required (MIS, Information Systems, IT, Cybersecurity, or related field preferred)
  • 5–8 years of experience in Governance, Risk & Compliance (GRC), IT risk, information security compliance, or internal audit
  • Minimum 2-4+ years of experience in an IT ticket-based support environment
  • Candidate must be proficient at Microsoft office tools such as Outlook, Excel and suite of Microsoft Tools
  • Strong analytical, problem-solving, and documentation skills
  • Ability to communicate complex concepts to non-technical stakeholders
  • Understanding security controls as they apply to GRC (Governance, Risk, and Compliance) across the enterprise
  • Ability to analyze metrics and generate executive-level reporting and insights
  • Adaptability to a dynamic and fast-paced environment
  • Strong organizational and time management skills

Nice to have:

  • Experience with service now IRM module is a plus
  • Experience with risk assessment methodologies and control evaluation techniques
  • Proficiency at tools such as Lucid charts, Visio and PowerPoint
  • Candidate must possess or develop the skills to manage a service now dashboard
  • Ability to manage multiple competing priorities in parallel
  • Relevant certifications such as SAFe for Teams, ServiceNow, CISA, CRISC or CISSP
  • Working knowledge of industry standards, controls or frameworks such as: ISO/IEC 27001 and ISO/IEC 27002
  • GDPR, HIPAA, SOX, PCI-DSS, NIST
  • Bilingual proficiency is considered an advantage

Additional Information:

Job Posted:
March 19, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Amgen - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Security risk analyst - Issue and policy exception

ISO Sr. Analyst

The Information Security Operations (ISO) Sr. Analyst is an intermediate level p...
Location
Location
Mexico , Ciudad De Mexico
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant experience
  • Proficient in interpreting and applying policies, standards and procedures
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Amplio conocimiento y cumplimiento de regulaciones mexicanas (en materia de SI) (CNBV y BANXICO)
  • Conocimientos técnicos relacionados con Seguridad de la Información y Ciberseguridad
  • Deseables certificaciones CRISC, CISA, CISM, CISSP, ISO27001:2022, ISO31000:2018
  • Experiencia en la elaboración de reportes y métricas ejecutivas dirigidas a la alta dirección
  • Habilidades de comunicación y negociación
Job Responsibility
Job Responsibility
  • Address security issues identified in the various information security programs
  • Review and address issues identified within various Information Security (IS) programs and ensure all IS issues related to Internal Audit, and External Auditors are closed by their original target date
  • Improve the efficacy of governance processes by identifying risks, monitoring controls, and remediating issues
  • Establish cross-sector working relationships and complete weekly awareness discussions with local team to efficiently tackle security issues
  • Ensure risk exceptions are raised, registered and closed on a timely basis and communicate updates and changes to the global standards
  • Complete Risk Assessment process, including completing accurate inventory reporting, data classification, threat analysis, and action plans
  • Test and validate that the business complies with applicable IS requirements
  • develop and implement IS policies and procedures
  • Determine and validate appropriate level of controls are being implemented to safeguard sensitive data
  • Develop Corrective Action Plans for all Information Security-related gaps and approve all closures through reviewing evidence to ensure each closure meets Citi Requirements
  • Fulltime
Read More
Arrow Right

Sr. Risk Operations Analyst

The Risk Operations Senior Analyst plays a critical role within the Integrated R...
Location
Location
United States , Irvine
Salary
Salary:
120000.00 - 170000.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in Technology Risk, Cyber Risk, GRC, or IT Risk Management
  • Hands-on experience running technology risk assessments, issue management, exception processes and maintaining control libraries, policies, and standards
  • Familiarity with GRC platforms
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer science or a related field
  • Strong knowledge of technology control frameworks (e.g., NIST CSF/800-53, ISO 27001, CIS)
  • Proven ability to create risk dashboards and executive-level reporting
  • Strong analytical, documentation, and process design skills
  • Excellent stakeholder management and communication skills
  • Proficient in English for effective communication and coordination
Job Responsibility
Job Responsibility
  • Maintain and evolve the enterprise technology control library, ensuring alignment with internal policies, standards, and external frameworks
  • Own the lifecycle management of technology risk policies and standards, including updates, reviews, approvals, and communications
  • Ensure controls, policies, and standards are clearly mapped to regulatory, legal, and business requirements
  • Run and continuously improve core Risk Operations processes, including: Technology Risk Assessments, Risk Issue Management, Risk Exception Management
  • Ensure risk processes are executed consistently, on time, and in accordance with defined methodologies
  • Act as a subject matter expert for risk process guidance to technology, security, and business teams
  • Design, build, and maintain risk dashboards and reporting
  • Translate risk data into meaningful insights for senior leadership, customers and risk committees
  • Ensure accuracy, completeness, and audit-readiness of risk data across systems
  • Partner closely with Customers, Senior and Executive Leaders, Legal and other groups, to drive timely remediation and risk ownership
  • Fulltime
Read More
Arrow Right

Credit Maintenance Analyst

Excess Approval Management Team provides service to countries in Western Europe,...
Location
Location
Poland , Warsaw
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Higher education in economics or experience in banking
  • 2-5-year experience in Operations, Risk or Finance
  • Ability to prioritize tasks and work effectively in a busy, challenging environment
  • Good organizational and time management skills
  • Problems solving skills
  • Very good knowledge of English
  • Bachelor's/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Monitoring intraday exposures in credit check systems within set time frame
  • Ensuring compliance with credit policy and internal procedures
  • Actively communicate with business partners (Risk and relationship Management Team) for approvals for cash and securities transactions
  • Cooperate closely with Credit Risk Associates team for resolution of technical issues and exceptions related to clients and credit limits
  • Works closely with other parties such as technology when required to resolve issues
  • Appropriately assess risk when business decisions are made, demonstrating consideration for the firm's reputation and safeguarding Citigroup
  • Fulltime
Read More
Arrow Right

GRC Analyst

We are seeking a GRC (Governance, Risk, and Compliance) Analyst to play a key ro...
Location
Location
United States , Minneapolis
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years of experience in Governance, Risk, and Compliance (GRC)
  • Strong understanding of risk management frameworks, including NIST or COSO
  • Knowledge of compliance standards and applicable laws
  • Familiarity with GRC tools and software, such as RSA Archer, MetricStream, or similar platforms
  • Ability to assess complex risk scenarios, identify patterns or trends, and provide actionable insights to support decision-making
  • Ability to identify discrepancies, non-compliance issues, or emerging risks impacting the organization
  • Excellent verbal and written communication skills to prepare detailed reports and interact effectively with stakeholders at various levels
  • Bachelor's degree in a related field is preferred
Job Responsibility
Job Responsibility
  • Conduct risk assessments to identify, monitor, and mitigate potential vulnerabilities
  • Develop and implement risk mitigation strategies and provide actionable recommendations to stakeholders
  • Ensure compliance with relevant laws, regulations, and standards (e.g., GDPR, PCI, ISO 27001)
  • Support the development and execution of cyber compliance programs, including evidence tracking, continuous monitoring, and audit preparation
  • Monitor and maintain internal compliance programs, track exceptions, and manage Plan of Action and Milestones (POA& M)
  • Design, review, and update governance frameworks, policies, and procedures to improve operational efficiency and address regulatory needs
  • Oversee cyber reputation management by tracking scores and making actionable recommendations for improvement
  • Respond to third-party security questionnaires and perform risk assessments for software and enterprise risk management
  • Assist with IT disaster recovery planning through documentation, tracking, and ad hoc updates
  • Facilitate ISO certification processes, including evidence collection and compliance tasks
What we offer
What we offer
  • medical benefits
  • vision insurance
  • dental insurance
  • life and disability insurance
  • 401(k) plan
  • Fulltime
Read More
Arrow Right
New

BANAMEX - ISO Sr Analyst - Cumplimiento Regulatorio

The Information Security Operations (ISO) Sr. Analyst is an intermediate level p...
Location
Location
Mexico , Ciudad De Mexico
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant experience
  • Proficient in interpreting and applying policies, standards and procedures
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
  • Amplio conocimiento y cumplimiento de regulaciones mexicanas (en materia de SI) (CNBV y BANXICO)
  • Conocimientos técnicos relacionados con Seguridad de la Información y Ciberseguridad
  • Experiencia en la elaboración de reportes y métricas ejecutivas dirigidas a la alta dirección
  • Habilidades de comunicación y negociación
Job Responsibility
Job Responsibility
  • Address security issues identified in the various information security programs
  • Review and address issues identified within various Information Security (IS) programs and ensure all IS issues related to Internal Audit, and External Auditors are closed by their original target date
  • Improve the efficacy of governance processes by identifying risks, monitoring controls, and remediating issues
  • Establish cross-sector working relationships and complete weekly awareness discussions with local team to efficiently tackle security issues
  • Ensure risk exceptions are raised, registered and closed on a timely basis and communicate updates and changes to the global standards
  • Complete Risk Assessment process, including completing accurate inventory reporting, data classification, threat analysis, and action plans
  • Test and validate that the business complies with applicable IS requirements
  • develop and implement IS policies and procedures
  • Determine and validate appropriate level of controls are being implemented to safeguard sensitive data
  • Develop Corrective Action Plans for all Information Security-related gaps and approve all closures through reviewing evidence to ensure each closure meets Citi Requirements
  • Fulltime
Read More
Arrow Right

Service Analyst 1 CBPS

The Service Analyst 1 in CBPS is an entry-level position servicing off-shore cli...
Location
Location
Philippines , City of Taguig
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Previous relevant experience preferred
  • Series 6 and 26 License
  • Fundamental understanding of industry regulations in the US and Canada, extensive understanding of systems, products and culture
  • Proven knowledge of securities, insurance and mortgage lending laws and regulations as they apply to sales practice issues affecting the sales force
  • Effective verbal and written communication
  • Influencing and relationship management skills
  • Proven ability to creatively solve problems
  • Bachelor’s/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Assist with the administration of compliance procedures and control systems for the business review department, including monitoring, researching and responding to compliance related inquiries across all product lines
  • Ensure accuracy of research and compliance advice provided to members of sales force team
  • Develop information regarding required changes in reports and procedures
  • Assist with the preparation of written and verbal reports for senior management on compliance program status, issues, trends and concerns
  • Support sales force and management by implementing recommendations concerning changes, improvements and enhancements
  • Apply knowledge of how the team interacts with others in order to accomplish Customer Service goals
  • Fulfilling the clients’ necessities while providing an exceptional client experience is the expected behavior from all our employees and it will be measured by specific metrics
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency
  • Fulltime
Read More
Arrow Right

Grc analyst

We are looking for a detail-oriented GRC Analyst to join our team in Woodbridge,...
Location
Location
United States , Woodbridge
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding of compliance frameworks such as GLB Act, SOX, PCI DSS, and eGRC
  • Proven experience in cybersecurity compliance and risk management
  • Ability to conduct detailed risk assessments and identify actionable solutions
  • Familiarity with audit processes and documentation management
  • Excellent communication skills for delivering training programs and collaborating with stakeholders
  • Proficiency in managing cybersecurity platforms and tracking risk-related issues
  • Capability to develop and maintain comprehensive procedural documentation
  • Knowledge of industry standards and regulatory obligations in the banking sector
Job Responsibility
Job Responsibility
  • Collect and organize evidence to support annual audits conducted internally and externally
  • Manage and monitor a centralized repository for audit-related documentation to ensure accessibility and accuracy
  • Respond promptly to audit requests, ensuring that all submissions meet required standards
  • Develop and deliver training programs on cybersecurity awareness, including onboarding sessions, periodic newsletters, and phishing simulations
  • Administer the organization's cybersecurity compliance training program to reinforce best practices
  • Conduct risk assessments using established frameworks to identify control strengths, weaknesses, and areas for improvement
  • Utilize the organization's platform to track and resolve security exceptions, violations, incidents, and other risk-related issues
  • Maintain updated documentation of procedures to enhance team knowledge and industry expertise
  • Assist in reviewing and updating security policies, standards, and practices annually to align with current operational needs
  • Collaborate with various business units to address new and existing regulatory requirements
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • company 401(k) plan
Read More
Arrow Right

Senior Business Analyst

The Senior Business Analyst / Business Systems Analyst (Sr BA/BSA) will support ...
Location
Location
Canada , Toronto
Salary
Salary:
70.00 - 80.00 USD / Hour
apexsystems.com Logo
Apex Systems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience as a Senior Business Analyst or Business Systems Analyst in large, complex enterprise environments
  • Hands‑on experience working within IT Asset Management, Configuration Management (CMDB), Service Management, or related governance domains
  • Strong experience translating regulatory, risk, and policy requirements into actionable business and system requirements
  • Proven ability to work across multiple stakeholder groups including Technology, Architecture, Data, Risk, and Operations
  • Experience supporting Agile and/or hybrid delivery models
  • ITAM subject matter expertise across process, tools, controls, and governance
  • Strong analytical and problem‑solving skills with attention to detail
  • Ability to document complex concepts clearly (BRDs, FRDs, process flows, control mappings)
  • Excellent facilitation, communication, and stakeholder management skills
  • Experience with enterprise IT frameworks and standards (e.g., ITIL, COBIT, internal control frameworks)
Job Responsibility
Job Responsibility
  • Elicit, analyze, and document business, functional, and non‑functional requirements for enhancements to existing and new ITAM capabilities across tools, processes, and operations
  • Translate ITAM governance, policy, and control requirements into clear system and process requirements consumable by Product, Engineering, and Enablement teams
  • Support initiatives across the full asset lifecycle, including request, acquisition, deployment, discovery, reconciliation, maintenance, and retirement
  • Identify, document, and assess risks, gaps, deviations, exceptions, and deficiencies related to ITAM capabilities and processes
  • Support remediation planning by defining requirements, acceptance criteria, and traceability back to governance and risk objectives
  • Ensure alignment with ITAM Policy, Technology Standards, regulatory guidance, and internal controls
  • Partner with Lines of Defense, Risk, and Compliance teams to support reviews, challenges, and audits
  • Analyze current‑state and define future‑state ITAM processes, including upstream and downstream dependencies
  • Identify opportunities for process efficiency, automation, and simplification
  • Support operational readiness by contributing to process documentation, operating procedures, and service definitions
  • Fulltime
Read More
Arrow Right