Work Schedule
Standard (Mon-Fri)

Environmental Conditions
Office

Job Description

Responsibilities:

• Provide key input and assistance in the development and implementation of a global cybersecurity risk assurance program.
• Conduct risk assessments to identify potential threats and vulnerabilities within the organization in collaboration with the Risk Management team.
• Maintain and monitor risk policies throughout the entire risk lifecycle.
• Develop and implement risk management strategies to mitigate identified risks.
• Supervise, monitor and report on the organization's risk exposure and control environment.
• Present detailed reports and presentations on risk assessment findings and recommendations to senior leadership and other important individuals.
• Collaborate with teams with sophisticated strengths to integrate risk management practices into business processes.
• Facilitate risk workshops and training sessions for staff to raise awareness and understanding of risk management.
• Build and cultivate positive relationships with important individuals to further a culture of risk awareness and proactive risk management.
• Collaborate on the technical definitions and coordinate implementation of security controls and requirements for systems, infrastructure, and solutions.

• +6 years of experience in risk analysis, information risk management, data privacy, information technology, or equivalent with exposure to cybersecurity and/or information security risk.
• Experience addressing senior leadership.
• Bachelor's Degree in Risk Management, Information Assurance, Information Security, Cybersecurity, IT, Law, or Data Privacy or equivalent work experience.
• Experience with risk analysis.
• Ability to explain complex risk management topics to a broad audience.
• Understanding of relevant industry frameworks such as ISO 27001 series, NIST 800-53, FISMA, and others.
• General understanding of cybersecurity technologies and controls with the ability to bridge the gap between governance and technical concepts.
• Excellent writing skills, with experience as a writer or technical editor considered a plus.
• Good ability to work independently and proactively identify tasks.
• Excellent written and oral communication skills
• Superb communication and interpersonal abilities, emphasizing the importance of documentation.
• Excellent customer service skills.
• Relevant certifications such as CRISC, CISSP, or CISA is ideal. (Plus)
• Experience of various risk management frameworks like the NIST Risk Management Framework or Center for Internet Security Risk Assessment Methodology is ideal.