Due to our continued expansion and growth, BH Consulting have been engaged by a blue-chip client to recruit a Risk Assessment Analyst. The Risk Assessment Analyst is a strategically important role within this client's organisation, with responsibility for executing the risk management methodology in line with the NIST Security Framework, ISO27001 and PCI Standards. Ideally, a successful candidate will possess strong knowledge of and experience with industry standards, risk analysis, risk mitigation, business function process flows and project plan development, together with excellent reporting, communication and presentation skills.
- The Risk Assessment Analyst will be part of the senior Risk Management program. This program is critical to the organisation’s risk management framework and provides the foundation for defining and evolving the Risk Management strategy and enhancing current security controls, business continuity capabilities and security practices.
- This position has global purview and will be responsible for driving the execution of Risk Assessments across several geographical regions and business units.
- Maintenance and coordination of the organisation’s threat taxonomy.
- Work with the many inputs for Risk Assessment defined in the organisation’s Risk Assessment method.
- Interface with internal functional towers to collect and correlate results of Risk Assessment inputs.
- Complete Risk Assessment documentation and engage with key stakeholders to develop Risk Mitigation plans.
- Schedule and conduct cross-functional meetings as required, ensuring Risk Assessment exercises have the necessary prerequisites in accordance with the organisation’s standards.
- Perform all departmental administrative activities, including staff meeting attendance, status reporting, documentation and other activities, as assigned, in a timely manner.
- Program Management – execute and direct the day-to-day program operations, plan and deploy long-term vision, direction, and sustainability.
- Support the Policy Exception Program Manager as part of the Risk Movement lifecycle.
- Work with external auditors for industry certification to present Risk Assessment methodology, findings and risk lifecycle.
- Travel as required (not frequent)
- 3+ years in Risk Management related positions with high-level problem solving and technical project management experience.
- Experience of both governance and hands-on execution.
- MS/MBA/MA degree or equivalent experience desired
- CISSP/CISA/CISM/CRISC or similar certified
- Minimum 5 years of experience in Risk Assessment, Business Continuity Management and/or Disaster Recovery Management in large enterprises.
- Ability to lead risk assessment activities across multiple business units.
- Demonstrable background in Security controls assessment.
- Experience in conducting business impact analyses and Risk Assessments
- Excellent verbal and written communication skills are required.
If you feel this role is for you then send your CV to firstname.lastname@example.org