Empleos actuales relacionados con IT Risk Analyst Iii - Arca - CF Industries Holdings, Inc.

_At CF Industries, our mission is to provide clean energy to feed and fuel the world sustainably. Our employees are focused on safe and reliable operations, environmental stewardship, and disciplined capital and corporate management. _By joining CF, you will be part of a team that brings their varied experiences, wide-ranging knowledge and diverse talents together to deliver important work and you’ll be able to pursue complex, exciting opportunities that help you continue to grow and achieve your potential in different areas. You’ll take pride in working for a company that lives its values and where you can be yourself at work, as part of an authentic team that encourages you to share your views and opinions._ Our nine manufacturing complexes in the United States, Canada, and the United Kingdom, an unparalleled storage, transportation and distribution network in North America, and logistics capabilities enabling a global reach underpin our strategy to leverage our unique capabilities to accelerate the world’s transition to clean energy._

Function:
Job Summary:
The IT Risk Analyst III ensures the safety of information systems assets and protects systems from intentional or inadvertent access or destruction. The Incumbent ensures business resumption plans are in place and routinely tested, while supporting network operations and network system administrators.

**Job Description**:
Security Administration
- Ensure that all policies and standards are regularly reviewed and updated to be in line with regulatory and control requirements.
- Respond to incoming requests for vendor assessment submitted by business owners.
- Coordinate all information and document gathering with vendor point of contact.
- Review and analyze all vendor submitted evidence and artifacts to determine control posture.
- Finalize and issue recommendation and net risk score.
Identify the potential impact of risks and communicate them in a manner that can be understood at both a technical and executive level.
- Help prepare status reports on security matters to develop security risk analysis scenarios and response procedures.
- Manage and enforce security policies and procedures. Administer and monitor security profiles.
- Review security violation reports and investigates possible security exceptions. Updates, maintains, and documents security controls and policies.
- Ensures integrity, confidentiality, and availability of data to end-users.
- Provides support for data encryption requirements
- Participate in reviews of new or changes to existing systems to ensure security requirements are satisfied, prior to implementation, including risk assessment
- Ensure compliance with Sarbanes-Oxley and audit requirements for all systems.
- Coordinate with internal audit staff and assist with regular tests and audits. Resolves security issues from Audit reports.
- Participate in external security and penetration tests.

Disaster Planning and Business Continuity
- Assists in development, design, and implementation of disaster recovery plans and procedures to protect and continue Information Technology Systems activities in case of emergency or disaster.
- Assists with Business Continuity Plan for the business, including Corporate, CF manufacturing plant sites, and distribution facilities. Ensures consistency and continuity corporate-wide.
- Plan testing:
Periodically tests various portions of the Disaster Plan to verify results and modify where necessary.

Tests entire Disaster Plan and procedures at least once each year.
- Identifies and makes recommendations regarding critical points of failure.
- Coordinates availability of disaster site and equipment needs with IT Management. Plans and executes cross-training to share disaster recovery knowledge with IT Staff. Assists in cross-training IT backup personnel to support disaster recovery processes.

Technical Support
- May provide tier II technical support to end users.
- Provides appropriate levels of support for all aligned functions, per the IT organizational chart.

Internal Controls:
Understands and complies with established departmental processes and procedures designed to support internal controls efforts. Identifies and brings to the attention of department management internal controls deficiencies.

Successful incumbents will have:

- Bachelor's Degree in Computer Science or MCSE with network security and disaster recovery experience.
- Equivalent of 2 or more years of network administration, security and/or disaster recovery experience.
- Familiarity with Microsoft operating systems and Active Directory.
- Security focused certifications preferred.
- Microsoft Certified System Engineer preferred
- Customer service oriented
- Excellent communication and analytical skills

Position Scope/Contribution:
The incumbent in this position is responsible for the network security and disaster recovery planning for the information technology systems at a major corporation.

What We Offer:
You’l