ASA Recruitment’s client, a Public Sector organisation in Edinburgh are currently looking to recruit a Risk Analyst, for an initial 12 month contract (with potential extensions) on a rate c.£450/day inside of IR35 (based on experience).
Responsibilities
* Maintain an awareness current industry risk management standards and best practices to support gathering accurate detailed data related to risk.
* Conduct assessments of risks related to projects, changes, and digital services – with a focus on digital risks – through structured conversations and checking system configuration reports.
* Contribute to the development and improvement of risk management processes and ensure risk data is accurately captured and maintained.
* Interpret outputs from assurance activities (e.g., vulnerability scans, audits, or penetration tests) and incorporate findings into the risk management process.
* Support generations of clear, prioritised recommendations for risk treatment and mitigation and tracker application of treatments.
* Support the design and enhancement of risk data models and tools to enable consistent, efficient risk tracking – such as PowerBI dashboards or similar
* Work collaboratively across business and technical teams with ability to bridge business and technical language differences and priorities.
Technical Scope
* Office suite (Excel, Word, etc.)
* Cloud platforms (Azure)
* M365 (e.g. Microsoft forms)
* Power Platform (desirable but not required)
Essential Skills & Experience
* Risk Assessment or Audit with Digital / Cyber experience
* Understanding of and experience of business processes mapping and documenting digital service reliance
* Ability to work well in an agile environment with internal colleagues and suppliers
* Ability to self-start and see through deadlines, improvements and benefits realisation
* Ability to explain context and goals with colleagues and collaborate with business and technical colleagues
Desirable Skills
* Familiarity with information / security related risk management frameworks and tools
* Experience supporting or maintaining technical risk registers or GRC systems.
* Awareness of cloud and enterprise service environments.
* Understanding of assurance activities such as audits, vulnerability assessments, and penetration tests.
#J-18808-Ljbffr