IT Security Risk Analyst
IT Security Risk Analyst needed for a 6+ month contract to join our growing IT Risk Management team. The role will give the associate a high level of exposure to senior management as well as regular formal and informal training opportunities with highly experienced third parties. The analyst uses their security best practice knowledge, intelligence and agile thinking to make themselves, their teammates and successful through management of IT risk.
- 1-2 years of Experience in IT Risk Management program strategies.
- Moderate understanding of computer security concepts including Risk and Compliance, Network Security, Application Security and Incident Management.
- Must have the ability to identify and assess the severity and potential impact of risks and communicate risk assessment findings to risk owners in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.
- Able to apply current threats to the business model.
- Knowledge of IT policies, laws, standards and frameworks applicable to the specific technical role e.g. ISO31000, ISO27000, COSO and NIST-800.
- Basic knowledge of IT risk, security architecture design, network security, cloud/mobile security, data security and internal/external threat intelligence/analysis
- Exception Management experience is essential
- Aptitude for IT Security and an understanding of applied security concepts and best practices
- Bachelor's Degree in Computer Science, MIS, Information Security or related field, or equivalent experience. Professional qualifications such as CISM, CRISC, CISA, or CISSP certifications preferred.