Information Security Risk Analyst II

Acorns is seeking an Information Security Risk Analyst II tasked with identifying, assessing, and managing security risks. This role requires expertise in cybersecurity, risk management, and regulatory compliance, coupled with a strong grasp of financial products. The ideal candidate will take ownership of risks and collaborate effectively with stakeholders across all levels of the organization. The analyst will conduct risk assessments, develop security policies, manage compliance activities, oversee identity and access management, manage vendor risks, deliver training programs, and communicate risk findings to stakeholders. The individual will also support compliance activities for regulations like GLBA, FINRA WSP, and Reg S-P. The analyst will foster a culture of security within the organization. They need to demonstrate ownership of risks that includes communicating the business impact, performing risk assessment, prioritizing the risk, getting consensus with stakeholders, managing remediation/acceptance, and tracking over time.