Work Schedule

Standard (Mon-Fri)

Environmental Conditions

Office

Job Description

Responsibilities:

Provide key input and assistance in the development and implementation of a global cybersecurity risk assurance program.Conduct risk assessments to identify potential threats and vulnerabilities within the organization in collaboration with the Risk Management team.Maintain and monitor risk policies throughout the entire risk lifecycle.Develop and implement risk management strategies to mitigate identified risks.Supervise, monitor and report on the organization's risk exposure and control environment.Present detailed reports and presentations on risk assessment findings and recommendations to senior leadership and other important individuals.Collaborate with teams with sophisticated strengths to integrate risk management practices into business processes.Facilitate risk workshops and training sessions for staff to raise awareness and understanding of risk management.Build and cultivate positive relationships with important individuals to further a culture of risk awareness and proactive risk management.Collaborate on the technical definitions and coordinate implementation of security controls and requirements for systems, infrastructure, and solutions.

Requirements:4+ years of experience in risk analysis, information risk management, data privacy, information technology, or equivalent with exposure to cybersecurity and/or information security risk.Bachelor's Degree in Risk Management, Information Assurance, Information Security, Cybersecurity, IT, Law, or Data Privacy or equivalent work experience.Experience with risk analysis.Ability to explain complex risk management topics to a broad audience.Understanding of relevant industry frameworks such as ISO 27001 series, NIST 800-53, FISMA, and others.General understanding of cybersecurity technologies and controls with the ability to bridge the gap between governance and technical concepts.Excellent writing skills, with experience as a writer or technical editor considered a plus.Good ability to work independently and proactively identify tasks.Excellent written and oral communication skills with experience addressing senior leadership.Superb communication and interpersonal abilities, emphasizing the importance of documentation.Excellent customer service skills.Relevant certifications such as CRISC, CISSP, or CISA is ideal.Experience of various risk management frameworks like the NIST Risk Management Framework or Center for Internet Security Risk Assessment Methodology is ideal.