Home

Hiring Now : :Senior Cyber Risk Analyst: :Hybrid - FL at Remote, Remote, USA
Email: [email protected]
From:

Surya kanta pradhan,

Vyze inc.

[email protected]

Reply to:   [email protected]

Job Title: Senior Cyber Risk Analyst

Location: Hybrid - Deerfield Beach, FL

Duration: 12 months

Visa: USC,GC

THESE ARE THE TOP SKIILLS REQUIRED .  
6+ years Expertise Risk Management  No 1 
6+ years Information Security No 2 
2+ years Supply Chain No 3
Additional Skills: Third Party Risk Management (with a focus on Cybersecurity/Cyber Risks)

---------------------------------------------------------------------------

The Senior Cyber Risk Analyst will report to the IT Governance, Risk and Compliance Manager and will support the Information Security department. In this position, you will be an integral part of advancing the company's enterprise Information Security Program. The Senior Cyber Risk Analyst will be responsible for identifying, analyzing, and influencing the management of information risks across the organization, with a strong focus over Third Party Risk Management (TPRM). The Sr. Cyber Risk Analyst will help to coordinate across the organization to understand, categorize and prioritize security risks, applying business context, leading to clear security risk mitigation strategies. This senior-level analyst will have a depth of experience enabling them to understand both information security risks and business context. This individual contributor will be a skilled communicator across all audience types, up to executive leaders.

Responsibilities:
Conduct Third-Party Risk assessments and manage Infosec Third-Party Risk Management (TPRM) program.
Communicates risk assessment findings to information security "customers, or business partners.
Provides consultative advice to information security customers that enables them to make informed risk management decisions.
Maintain risk management initiatives in GRC/TPRM platform(s).
In-depth knowledge of information security management system standards (e. g. SOC 2), frameworks, information technology regulatory and compliance requirements (e. g., PCI-DSS, GDPR, CCPA, HIPAA,), and industry best practices, particularly around TPRM.
Performs focused risks assessments of existing or new services and technologies.
Identifies and implements appropriate controls to effectively manage information risks as needed.
Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.
Maintains strong working relationships with individuals and groups involved in managing information risks across the organization.
Work closely with Information Security Architecture, Engineering, and relevant operational teams to gather data and insights leading to holistic risk security awareness.
Conduct periodic internal assessments for security risk.
Conduct ongoing research to keep current of latest security issues, threats, and technical capabilities.
Perform other essential duties as assigned.

Desired Skills
Working knowledge of Third-Party Risk Management (TPRM) program tools, such as ProcessUnity/Prevalent.
An ability to identify and assesses the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.
Knowledge of security and privacy frameworks (e.g., NIST CSF, 800-53, CIS CSC, COBIT, CCPA, HIPAA, ISO 27001/2).
Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business.

Qualifications/Requirements
8+ years of experience within large scale information security risk management programs.
8+ years of Information Technology and/or Information Security experience.
Strong grasp of key elements for a successful Risk Management Program and related frameworks or standards (e. g. NIST, ISO, COBIT), particularly as it relates to running a Third-Party Risk Management (TPRM) program.
Demonstrated knowledge of a broad range of technical concepts: logical access control, agile development process/DevSecOps, secure coding principles, security architecture frameworks and methods, information security, network security, and privacy.
Experience with interpreting results of scanning and compliance tools such as Qualys/Nessus/Rapid7/Laceworks as it pertains to documenting information security risk(s).
Strong organizational skills with ability to thrive in a sense-of-urgency environment, leveraging best practices, and approaching any problem as a team-player with a can-do attitude.
Excellent written and verbal communication skills and ability to interface with all levels of business and executive leadership.
Excellent analytical, problem solving, and decision-making skills, applied with a solution-focused attitude.
Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism.
Demonstrated ability to troubleshoot complex problems and recommend appropriate actions.

License / Certificate (any of the following a plus):

CISSP, CISM, CIPP, GIAC, CRISC, CISA

Keywords: information technology green card Florida
[email protected]
View all
Thu Dec 07 08:40:00 UTC 2023

To remove this job post send "job_kill 916942" as subject from [email protected] to [email protected]. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.


Your reply to [email protected] -
To       

Subject   
Message -

Your email id:

Captcha Image:
Captcha Code:


Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at [email protected]
Time Taken: 41

Location: Deerfield Beach, Florida