The Cybersecurity Lead Risk Analyst will be a member of the Global Cybersecurity department reporting to the Security Performance Management team and is primarily responsible for assisting with the execution of internal and third party risk analysis and assessments related to our business units. This may include mergers and acquisitions, joint ventures and geographically isolated locations within our business units.
In addition, the lead analyst will be involved in developing and maintaining security risk monitoring and reporting systems, conducting business unit risk assessments and providing analytical support to risk areas. This role will work closely with the Global Cybersecurity team to assess and implement the controls necessary to ensure the protection of information systems.
Responsibilities :
- conducting third party security assessments and defining remediation plans as necessary .
- conducting internal assessments and/or compliance reviews.
- communicate risk findings and recommendations that are clear and actionable by business stakeholders and are understood for appropriate business decisioning.
- monitor any assigned remediation efforts.
- evaluate internal submissions to determine likelihood and impact of potential risks.
- evaluate trending of assessment results and compliance reviews to communicate clear risk posture of business units.
- facilitates the remediation of control gaps and escalates critical issues to leadership.
- advise senior leadership on risk management strategies, including risk mitigation, risk reduction, risk transfer, and residual risk analysis.
- communicate business unit risk during Enterprise Risk Management report outs.
Qualifications :
- 5+ years of direct experience in an information security role focused on measuring and monitoring risk and maturity performance.
- 3+ years of experience conducting security risk assessments and/or performance benchmarks preferred.
- Advanced understanding of the NIST Cybersecurity Framework and how to apply it.
- Professional human relation skills required to effectively communicate and interface with a variety of personalities and cultures.
- Ability to prioritize and organize simultaneous tasks to ensure all requests are completed in a timely and accurate manner.
- Ability to think strategically about risk vs. business value .
- Ability to quickly pick-up on new or difficult concepts and information.
- Strong oral and written communication skills and negotiation skills
As a Lead Risk Analyst, you must possess strong skills to identify security risks and technical remediation or mitigating control options, be proactive in solving problems, and coordinate efforts across departments and functions.
•
Last updated on Sep 24, 2024