Project description
Luxoft DXC Technology Company is an established company focusing on consulting and implementation of complex projects in the financial industry. At the interface between technology and business, we convince with our know-how, well-founded methodology and pleasure in success. As a reliable partner to our renowned customers, we support them in planning, designing and implementing the desired innovations. Together with the customer, we deliver top performance! For one of our Clients in the Insurance Segment, we are searching for a Senior Cyber Security Risk Analyst.
Responsibilities
Support the Risk Management team's overall scoping, planning, tracking, responses, closure verification, and reporting of risks identified via an enterprise risk assessment process (full cycle).
Apply mechanisms for rating, aggregating, prioritizing, and assigning owners to identified risk findings.
Ensure that tracked risks and findings adhere to agreed-to operational definitions, to preserve consistency and clarity across risks that are to be formally introduced and managed.
Maintain findings lists (and/or formal risk register), identifying and relating assessment findings to other artifacts stored in an enterprise Governance, Risk & Compliance (GRC) data management platform.
Interface with a team of Risk Assessment analysts, cyber security program Directors, Managers, CISO, and/or IT asset owners to facilitate and coordinate smooth execution of Risk Management plans that involve people from multiple, disparate teams.
Provide direct assistance to internal/external stakeholders as assigned, relating to the determination of risks and findings involving their Information/Security Systems.
Organize Risk Management task facilitation meetings with IT & Business stakeholders.
Oversee and manage disposition of risk findings and responses.
SKILLS
Must have
Bachelor's degree in computer science or a related discipline and at least eight or more years' experience (preferably in the area of Cyber/Information Risk Management).
Excellent verbal and written communication skills.
Ability to plan and execute on scheduled cycles.
Knowledge of risk definition and risk-level determination methods.
Knowledge of cyber risks and risk mitigation strategies.
Ability to execute and think with a strong control and process mindset.
Strong knowledge of industry-standard Risk Assessment and Risk Management Frameworks/methodologies, such as ISACA, ISO 27001, NIST 800-39/53, NIST CSF, FAIR.
Requires strong analytical, communication, teamwork and interpersonal skills.
Knowledge of business and technology practices and trends.
Nice to have
.
#J-18808-Ljbffr