Dieses Jobangebot ist archiviert und steht nicht mehr zur Verfügung.
Vakante Jobangebote finden Sie unter Projekte.
Vakante Jobangebote finden Sie unter Projekte.
Information Risk Analyst
Eingestellt von Base 3
Gesuchte Skills: Support, Client
Projektbeschreibung
Information Risk A nalyst
ROLE:
BCP and Information Security Risks assessments of third parties:
-Support collaboration with senior management to coordinate a consistent framework and approach to security risk planning, regulatory awareness, adherence, testing, due diligence responses, and reporting on KPIs and KRIs.
-Support the development of inputs and outputs for relevant governance bodies, and prepare reports for the business.
-Maintain the database of client-issued RFP's and RFI's; respond to internal and external database knowledge requests.
-Support engagement with business stakeholders, business/application/solution architecture, IT and operational teams.
- Support 'proof of concepts' within BCP and Information Assurance; provide cost/benefit reports to security management.
- Support collaboration with key business stakeholders to ensure appropriate consideration is given to security requirements in periods of business change and product development.
PROFILE:
-Handles standard situation by relying on existing procedures and methods, covering several but known domains of expertise.
-Relies on existing processes and policies to take decisions.
-Focuses on execution in his domain, according to defined processes and methods.
-Runs and maintains the operational process.
-Works autonomously on standard activities or non-complex demands.
-Organises, co-ordinates and plans activities independently. Priorities are set by the job. Uses expertise to challenge the goals and scope of new requests and evaluates the impact of these new requirements.
-Knowledge of security risk management, risk governance.
-Strong oral and written skills to translate complex risk requirements.
-Experience with security and controls frameworks, such as ISO 27001, COBIT5, SANS Top 20 Controls and NIST Cybersecurity Framework.
-Experience with audit good practice.
-Knowledge of onsite risk assessments, and managing targeted risk remediation activities.
ROLE:
BCP and Information Security Risks assessments of third parties:
-Support collaboration with senior management to coordinate a consistent framework and approach to security risk planning, regulatory awareness, adherence, testing, due diligence responses, and reporting on KPIs and KRIs.
-Support the development of inputs and outputs for relevant governance bodies, and prepare reports for the business.
-Maintain the database of client-issued RFP's and RFI's; respond to internal and external database knowledge requests.
-Support engagement with business stakeholders, business/application/solution architecture, IT and operational teams.
- Support 'proof of concepts' within BCP and Information Assurance; provide cost/benefit reports to security management.
- Support collaboration with key business stakeholders to ensure appropriate consideration is given to security requirements in periods of business change and product development.
PROFILE:
-Handles standard situation by relying on existing procedures and methods, covering several but known domains of expertise.
-Relies on existing processes and policies to take decisions.
-Focuses on execution in his domain, according to defined processes and methods.
-Runs and maintains the operational process.
-Works autonomously on standard activities or non-complex demands.
-Organises, co-ordinates and plans activities independently. Priorities are set by the job. Uses expertise to challenge the goals and scope of new requests and evaluates the impact of these new requirements.
-Knowledge of security risk management, risk governance.
-Strong oral and written skills to translate complex risk requirements.
-Experience with security and controls frameworks, such as ISO 27001, COBIT5, SANS Top 20 Controls and NIST Cybersecurity Framework.
-Experience with audit good practice.
-Knowledge of onsite risk assessments, and managing targeted risk remediation activities.
Projektdetails
Geforderte Qualifikationen
-
Kategorie:
IT Entwicklung, Sonstiges