What are the responsibilities and job description for the Senior Risk Analyst position at PiplNow LLC?
Hi,
We have an urgent C2H opening for Senior Risk Analyst – Day 01 Onsite in Cincinnati, OH
Our client is looking to fill this role immediately.
If you are interested in this role, Please share the updated resume, filled skill matrix, consultant details, visa and dl copy ASAP.
Skills
Skill Matrix:
Years Of Experience
Over all experience
Total years of work exp in US
As Senior Risk Analyst
Risk Management
In Cyber-Security / Technology/Information security
Security Controls frameworks (CobiT, ISO 27001, NIST, NIST CSF, PCI DSS, RMF)
Privacy regulations (GDPR, CPRA, NIS, NIS2, CPA)
Governance-Risk-Compliance (GRC) (OneTrust, Archer, Xacta)
Security Control Frameworks (ISO, NIST, HIPAA, PCI, SOX)
GT Risk Management
GT and corporate processes (M&A, JV, Projects, and 3rd Party/Vendor Management)
Consultant Details
Criteria
Consultant's Data
Full Name
Primary Phone
Primary Email
Education Details – Graduation
Education Details – Master’s
Certification if any
LinkedIn Profile
US work authorization and expiration
Passport Number
Expected pay rate/hr on W2
Expected pay rate/hr on 1099
Current Company Name
Current location (City/State)
Willing to relocate (yes/No)
Availability to join new project/ Notice period
Have you ever worked or interviewed for this client in the past?
If yes, as a consultant or as an employee?
Last 5 digits of Social Security Number
Birth month and day (NOT YEAR)
Position: Senior Risk Analyst
Location: Day 01 Onsite in Cincinnati, OH
Contract type: CTH
Job Description
We have an urgent C2H opening for Senior Risk Analyst – Day 01 Onsite in Cincinnati, OH
Our client is looking to fill this role immediately.
If you are interested in this role, Please share the updated resume, filled skill matrix, consultant details, visa and dl copy ASAP.
Skills
Skill Matrix:
Years Of Experience
Over all experience
Total years of work exp in US
As Senior Risk Analyst
Risk Management
In Cyber-Security / Technology/Information security
Security Controls frameworks (CobiT, ISO 27001, NIST, NIST CSF, PCI DSS, RMF)
Privacy regulations (GDPR, CPRA, NIS, NIS2, CPA)
Governance-Risk-Compliance (GRC) (OneTrust, Archer, Xacta)
Security Control Frameworks (ISO, NIST, HIPAA, PCI, SOX)
GT Risk Management
GT and corporate processes (M&A, JV, Projects, and 3rd Party/Vendor Management)
Consultant Details
Criteria
Consultant's Data
Full Name
Primary Phone
Primary Email
Education Details – Graduation
Education Details – Master’s
Certification if any
LinkedIn Profile
US work authorization and expiration
Passport Number
Expected pay rate/hr on W2
Expected pay rate/hr on 1099
Current Company Name
Current location (City/State)
Willing to relocate (yes/No)
Availability to join new project/ Notice period
Have you ever worked or interviewed for this client in the past?
If yes, as a consultant or as an employee?
Last 5 digits of Social Security Number
Birth month and day (NOT YEAR)
Position: Senior Risk Analyst
Location: Day 01 Onsite in Cincinnati, OH
Contract type: CTH
Job Description
- Participate in ongoing reviews of global company's Risk Management Program.
- Contribute to strategic plans supporting program objectives and alignment of technology risk activities across company. Apply quantitative risk valuation models and tooling to inform and support strategic and tactical risk-based decisions.
- Assist in delivering GT Risk Management programs to mitigate technology-related risks.
- Contribute to program governance and processes for identifying, assessing, and responding to risks.
- Collaborate with other GT and corporate processes (M&A, JV, Projects, and 3rd Party/Vendor Management).
- Maintain risk assessment methodologies, processes, artifacts, and training.
- Lead or manage assessments and remediation efforts, tracking progress and reporting on security control gaps.
- Analyze risk/control information to formulate recommendations, metrics, and reports for management decision-making.
- Ability to analyze and aggregate risk across a complex organization and articulate risk clearly.
- Register GT risks, work with risk owners on risk treatment, and monitor risk treatment, response, and mitigation with risk owners. Weight business needs against security concerns and articulate issues and options to management.
- Present risk register and treatment plans to stakeholders on a regular basis.
- Enhance collection and maintenance of OneTrust risk register information.
- Work cross-functionally to improve workflow and collect required risk profile data.
- Assist project teams in the implementation of security measures to meet corporate security policies, manage risk, and meet external regulations, including various data security standards.
- Ensures of proper documentation of technology assessment results, and monitors remediation. Deliver all documentation developed during task execution, with status of all work in progress. Create Weekly and Monthly Status Reports, including daily technical task reports, threat management reports, among others.
- Support the Business Technology Disaster Recovery process.
- Support the resolution of Internal Audit, Compliance, Risk Management, Regulatory related issues that could impact the confidentiality, availability or integrity of data or processes.
- Five to Ten (5-10) years direct experience in a Risk Analyst role is required.
- A bachelor's or master’s degree in computer science, Cyber-Security or in a technology/information security-related field is preferred and can substitute degree in lieu of some actual experience.
- Experience with Security Controls frameworks (e.g., CobiT, ISO 27001, NIST, NIST CSF, PCI DSS, RMF, among others) and knowledge of privacy regulations (e.g., GDPR, CPRA, NIS, NIS2, CPA, etc.).
- Experience with a Governance-Risk-Compliance (GRC) software suite (OneTrust, Archer, Xacta, ., etc.) is required; prefer direct experience with OneTrust.
- Must be able to demonstrate a strong understanding of Security Control Frameworks (ISO, NIST, HIPAA, PCI, SOX) is required; prefer multiple framework experience vs single framework experience.
- Strong leadership, critical thinking and collaboration skills required.
- Attention to detail is a critical success factor for this role.
- Ability to influence peers, colleagues, and managers across business and divisional Lines to Take action on complex, technical or sensitive topics with companywide impact.
- Must be analytical and Possess Ability to interpret and apply policies and regulations across a large, complex business.
- Able to work effectively in an environment characterized by multi-tasking, fast-paced, lead by multiple projects and conflicting priorities. Multi-level communications and interpersonal skills (including strong documentation skills). Able to effectively communicate security-related concepts to a broad range of technical and non-technical staff, across IT and business.
- Strong technical information security knowledge to assess various information security and risk management processes and tools.
- Any “one” certification in; CISSP, CRISC, CISA, CASP, CYSA, ISA, or Security CE is preferred.