The Cyber Security Risk Analyst required to join an internal IT Cyber Governance group.
help drive the Cyber Risk Management program through collaborating with different stakeholders and Risk Owners to actively identify and report Cyber and IT Risks in the IRM Platform, and to ensure effective Risk Treatment plans are defined and implemented to control and reduce risk.
This position requires a self-driven individual, with sound knowledge of business processes, a good knowledge of security or IT technologies and good communication skills.
This position offers an opportunity to make a strong impact across a company Participating and driving a key Risk Management program.
Key skills
Over five years??? experience integrating security into the business, security risk management, information processes, product security or business architecture positions.
Professional security management certification:
Certified Information Systems Security Professional (CISSP), Certified Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar.
Role responsibilities
Correlate and analyze the information received from internal threat intelligence and from the incident management teams, to identify leadings threats, key gaps, and any untreated risk to report.
Review HARC reports, Audit reports, Cyber exemptions, business impact analysis, non-compliance problems, etc.
use this as input to feed risk identification and risk assessment.
Work with digital and IT teams to accurately carry out business impact analysis, as well as risk assessment activities.
Ensure IRM requests and tickets are processed and resolved in a timely manner.
Work with Cyber Risk Manager to successfully design, implement, test, and deploy any platform improvements and expansions.
Ensure actions included in the CSRM Program are duly updated by owners and keep the program on track and aligned to forecast.