Risk Analyst with IT Fidelity National Financial, Inc. in Jacksonville, FL (salary not disclosed)

March 29, 2021

Performs a variety of tasks to accomplish the objectives of the IT Risk Management (ITRM) program, including but not limited to the evaluation of IT and security risks. Assesses risks and gathers management’s responses and tracks mitigation plans. Relies on experience and judgment to plan and accomplish goals. Performs a variety of complicated tasks. A wide degree of creativity and latitude is expected. Performs IT risk assessments covering a variety of the organization’s IT processes including, but not limited to:

  • Information security, infrastructure, development, change management, logical security. Assesses risks and gathers management’s responses and tracks mitigation plans.
  • Relies on instructions and pre-established guidelines to perform the functions of the job.
  • Working with and supporting the business units and/or business departments in the institutionalization of the ITRM framework
  • Assisting with the design and development of the program components
  • Leading the discussions of IT risks with corporate department representatives, information resource owners, business units
  • Managing a staff of Risk Analysts positioned to support the management activities of the program

Management, operationalization and participation in program activities associated with, but not limited to:

  • Deployment, completion, and reporting of IT Risk Profiles and Risk Assessments
  • Oversight of the IT Risk Mitigation Action Plans o Review of the IT Risk Register
  • Design and implementation of the IT Risk Control Self- Assessment
  • Managing the input and maintenance of the FNF Risk Registers
  • Facilitating the review and risk evaluation of new or existing information resources or technology related services
  • Facilitating the development and on-going management of risk remediation plans
  • Developing and managing a mechanism for the reporting of the various risk and control indicators
  • Supporting the development, implementation and maintenance of Risk Assessment frameworks and the Risk Control Self-Assessments
  • Preparing status reports and presentations on a timely basis

This position is a cross-functional role that requires communication and team work with other departments in FNF and its subsidiaries

  • Other ITRM duties as assigned
  • Assessing IT and security risks, processes and controls including experience with IT and security processes and functions
  • Understanding of IT and security risks, processes, and controls and ability to converse at a technical level
  • Demonstrate ability to plan, schedule, and coordinate work, and able to maintain high levels of confidentiality and professionalism as well as have strong organizational, communicative and interpersonal skills
  • Familiar with IT and Security principles/frameworks such as COBIT, NIST CSF, Cloud Controls Matrix, CIS CSC, ITIL, ISO 27001
  • Proven ability to work independently and cross-functionally
  • Self-starter with proven track record of execution and results
  • Great business judgment, ability to influence others and strong analytical thinking
  • Ability to prepare presentations, status reports, process narratives and work flow diagrams
  • Excellent written and oral communication skills
  • Expertise in Word, Excel, PowerPoint, Visio, and SharePoint
  • Security related certifications such as: CISA, CISSP, CISM, CRISC, or Security+
  • Experience with GRC related software
  •  Familiar with SOC2 or Trust Services Principles
  • Familiar with Unified Compliance Framework

For more info. go to: