Dieses Jobangebot ist archiviert und steht nicht mehr zur Verfügung.
Vakante Jobangebote finden Sie unter Projekte.
Vakante Jobangebote finden Sie unter Projekte.
Third Parties Security and Resilience Risk Analyst
Eingestellt von Base 3
Gesuchte Skills: Support, Client
Projektbeschreibung
Third Parties Security and Resilience Risk Analyst
ROLE:
BCP and Information Security Risks assessments of third parties:
- Support collaboration with senior management to coordinate a consistent framework and approach to security risk planning, regulatory awareness, adherence, testing, due diligence responses, and reporting on KPIs and KRIs.
- Support the development of inputs and outputs for relevant governance bodies, and prepare reports for the business.
- Maintain the database of client-issued RFP's and RFI's; respond to internal and external database knowledge requests.
- Support engagement with business stakeholders, business/application/solution architecture, IT and operational teams.
- Support 'proof of concepts' within BCP and Information Assurance; provide cost/benefit reports to security management.
- Support collaboration with key business stakeholders to ensure appropriate consideration is given to security requirements in periods of business change and product development.
PROFILE:
- Handles standard situation by relying on existing procedures and methods, covering several but known domains of expertise.
- Relies on existing processes and policies to take decisions.
- Focuses on execution in his domain, according to defined processes and methods.
- Runs and maintains the operational process.
- Works autonomously on standard activities or non-complex demands.
- Organises, co-ordinates and plans activities independently. Priorities are set by the job. Uses expertise to challenge the goals and scope of new requests and evaluates the impact of these new requirements.
- Knowledge of security risk management, risk governance.
- Strong oral and written skills to translate complex risk requirements.
- Experience with security and controls frameworks, such as ISO 27001, COBIT5, SANS Top 20 Controls and NIST Cybersecurity Framework.
- Experience with audit good practice.
- Knowledge of onsite risk assessments, and managing targeted risk remediation activities.
ROLE:
BCP and Information Security Risks assessments of third parties:
- Support collaboration with senior management to coordinate a consistent framework and approach to security risk planning, regulatory awareness, adherence, testing, due diligence responses, and reporting on KPIs and KRIs.
- Support the development of inputs and outputs for relevant governance bodies, and prepare reports for the business.
- Maintain the database of client-issued RFP's and RFI's; respond to internal and external database knowledge requests.
- Support engagement with business stakeholders, business/application/solution architecture, IT and operational teams.
- Support 'proof of concepts' within BCP and Information Assurance; provide cost/benefit reports to security management.
- Support collaboration with key business stakeholders to ensure appropriate consideration is given to security requirements in periods of business change and product development.
PROFILE:
- Handles standard situation by relying on existing procedures and methods, covering several but known domains of expertise.
- Relies on existing processes and policies to take decisions.
- Focuses on execution in his domain, according to defined processes and methods.
- Runs and maintains the operational process.
- Works autonomously on standard activities or non-complex demands.
- Organises, co-ordinates and plans activities independently. Priorities are set by the job. Uses expertise to challenge the goals and scope of new requests and evaluates the impact of these new requirements.
- Knowledge of security risk management, risk governance.
- Strong oral and written skills to translate complex risk requirements.
- Experience with security and controls frameworks, such as ISO 27001, COBIT5, SANS Top 20 Controls and NIST Cybersecurity Framework.
- Experience with audit good practice.
- Knowledge of onsite risk assessments, and managing targeted risk remediation activities.
Projektdetails
Geforderte Qualifikationen
-
Kategorie:
IT Entwicklung, Sonstiges