Information Technology Risk Analyst

Delta Airlines

Job description

Who We Want

You are someone who, when asked to do the impossible, responds with a grin — “Bring it on!” You want a job, not because it is easy, but because you get to drive real transformational change. You are someone who is passionate about identifying, communicating, and reducing risk. For you, Information Security is a passion and not just a job.

What We Do

Delta Information Security Governance (ISG) is leading the effort to mature Delta’s growing Information Security practice. The team is actively working to implement a controls focused mindset, shift our approach from a compliance focus to a risk focus, and establish meaningful metrics to truly measure Enterprise Risk and the effectiveness of the Information Security practice. We partner closely with others in the Information Security Division to drive aligned results. We have the opportunity to drive meaningful change through a well-established, well respected company leading the Aviation Industry.

Job Summary

    • This position can be located in Atlanta or Minneapolis.
    • Evaluates, quantifies, and communicates risk across the vendor, internal controls, and cyber domains.
    • Establishes and communicates key risk and key performance indicators.
    • Engages with partners in Information Security, Information Technology, and Internal Audit to efficiently ensure compliance with SOX, PCI, and other regulatory/statutory requirements.


Essential Responsibilities

    • Engage & consult with key partners within Delta to develop relationships to facilitate partnership & alignment.
    • Anticipate organizational impact & understand the risk associated with introducing new technologies or processes.
    • Perform special projects as assigned.
    • Requires self-starters who work well with in largely a self-directed environment.


Required Experience

    • Three years work experience in IT with at least one year of security or security related experience.
    • BS/MS in Cyber Security, Computer Science, Mathematics, Engineering, Information Services or equivalent.
    • Experience working in a governance environment leveraging a risk and controls mindset.
    • Understanding and working knowledge of cybersecurity governance frameworks such as NIST and SANS.
    • Excellent verbal and written skills; and excellent organizational and time management skills.


Preferred Experience

  • Key industry certifications such as CISA, CISM, CISSP, etc.
  • Experience across Information Security domains such as governance & compliance, incident response, identity & access management, penetration testing, or e-discovery & forensics.
  • Experience across IT domains such as application development, infrastructure, technical support and operations, or continuity of business.
  • Experience with RSA Archer.
  • A history of driving transformational change.

To apply for this job please visit