Senior risk analyst Job at Piplnow, Cincinnati, OH

enJjWGxLcTlaT21oaERPbWxvQ2pjRkVQREE9PQ==
  • Piplnow
  • Cincinnati, OH

Job Description

Hi,

We have an urgent C2H opening for Senior Risk Analyst Day 01 Onsite in Cincinnati, OH

Our client is looking to fill this role immediately.

If you are interested in this role, Please share the updated resume, filled skill matrix, consultant details, visa and dl copy ASAP.

Skill Matrix:

Skills

Years of experience

Over all experience

Total years of work exp in US

As Senior Risk Analyst

Risk Management

In Cyber-Security / Technology/Information security

Security Controls frameworks (CobiT, ISO 27001, NIST, NIST CSF, PCI DSS, RMF)

Privacy regulations (GDPR, CPRA, NIS, NIS2, CPA)

Governance-Risk-Compliance (GRC) (OneTrust, Archer, Xacta)

Security Control Frameworks (ISO, NIST, HIPAA, PCI, SOX)

GT Risk Management

GT and corporate processes (M&A, JV, Projects, and 3rd Party/Vendor Management)

Consultant Details:

Criteria

Consultant's Data

Full Name

Primary Phone

Primary Email

Education Details Graduation

Education Details Master's

Certification if any

LinkedIn Profile

US work authorization and expiration

Passport Number

Expected pay rate/hr on W2

Expected pay rate/hr on 1099

Current Company Name

Current location (City/State)

Willing to relocate (yes/No)

Availability to join new project/ Notice period

Have you ever worked or interviewed for this client in the past?

If yes, as a consultant or as an employee?

Last 5 digits of Social Security Number

Birth month and day (NOT YEAR)

Position: Senior Risk Analyst

Location: Day 01 Onsite in Cincinnati, OH

Contract type: CTH

Job Description:

  • Participate in ongoing reviews of global company's Risk Management Program.
  • Contribute to strategic plans supporting program objectives and alignment of technology risk activities across company. Apply quantitative risk valuation models and tooling to inform and support strategic and tactical risk-based decisions.
  • Assist in delivering GT Risk Management programs to mitigate technology-related risks.
  • Contribute to program governance and processes for identifying, assessing, and responding to risks.
  • Collaborate with other GT and corporate processes (M&A, JV, Projects, and 3rd Party/Vendor Management).
  • Maintain risk assessment methodologies, processes, artifacts, and training.
  • Lead or manage assessments and remediation efforts, tracking progress and reporting on security control gaps.
  • Analyze risk/control information to formulate recommendations, metrics, and reports for management decision-making.
  • Ability to analyze and aggregate risk across a complex organization and articulate risk clearly.
  • Register GT risks, work with risk owners on risk treatment, and monitor risk treatment, response, and mitigation with risk owners. Weight business needs against security concerns and articulate issues and options to management.
  • Present risk register and treatment plans to stakeholders on a regular basis.
  • Enhance collection and maintenance of OneTrust risk register information.
  • Work cross-functionally to improve workflow and collect required risk profile data.
  • Assist project teams in the implementation of security measures to meet corporate security policies, manage risk, and meet external regulations, including various data security standards.
  • Ensures of proper documentation of technology assessment results, and monitors remediation. Deliver all documentation developed during task execution, with status of all work in progress. Create Weekly and Monthly Status Reports, including daily technical task reports, threat management reports, among others.
  • Support the Business Technology Disaster Recovery process.
  • Support the resolution of Internal Audit, Compliance, Risk Management, Regulatory related issues that could impact the confidentiality, availability or integrity of data or processes.

What You'll Need

  • Five to Ten (5-10) years direct experience in a Risk Analyst role is required.
  • A bachelor's or master's degree in computer science, Cyber-Security or in a technology/information security-related field is preferred and can substitute degree in lieu of some actual experience.
  • Experience with Security Controls frameworks (e.g., CobiT, ISO 27001, NIST, NIST CSF, PCI DSS, RMF, among others) and knowledge of privacy regulations (e.g., GDPR, CPRA, NIS, NIS2, CPA, etc.).
  • Experience with a Governance-Risk-Compliance (GRC) software suite (OneTrust, Archer, Xacta, ., etc.) is required; prefer direct experience with OneTrust.
  • Must be able to demonstrate a strong understanding of Security Control Frameworks (ISO, NIST, HIPAA, PCI, SOX) is required; prefer multiple framework experience vs single framework experience.
  • Strong leadership, critical thinking and collaboration skills required.
  • Attention to detail is a critical success factor for this role.
  • Ability to influence peers, colleagues, and managers across business and divisional Lines to Take action on complex, technical or sensitive topics with companywide impact.
  • Must be analytical and Possess Ability to interpret and apply policies and regulations across a large, complex business.
  • Able to work effectively in an environment characterized by multi-tasking, fast-paced, lead by multiple projects and conflicting priorities. Multi-level communications and interpersonal skills (including strong documentation skills). Able to effectively communicate security-related concepts to a broad range of technical and non-technical staff, across IT and business.
  • Strong technical information security knowledge to assess various information security and risk management processes and tools.
  • Any "one" certification in; CISSP, CRISC, CISA, CASP, CYSA, ISA, or Security+ CE is preferred.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Report this job
  • Dice Id: 90957445
  • Position Id: 2024-561

Job Tags

Contract work, Immediate start, Relocation,

Similar Jobs

Remedy Corporation

Quality Assurance Caller - Mystery Caller Job at Remedy Corporation

 ...This is a remote position. Quality Assurance Caller Mystery Shopping Earn Extra Funds for the Holidays! Are you looking for a flexible way to earn extra cash this holiday season? We have an exciting opportunity for you! Join our Quality Assurance... 

Nesco Resource

Branch Administrator (Short Contract) Job at Nesco Resource

First impressions go a long way! As a Branch Administrator, you will be a vital point of contact for candidates and clients seeking services from Nesco Resource, an award-winning organization. Represent one of the top companies in the staffing industry and help support...

Area Temps, Inc.

Import/Export Contract Administrator - Short-term Job at Area Temps, Inc.

01 - 173152 ge We are seeking an Import/Export Contract Administrator for a 3-to-4-month assignment on first shift. You will work well in a project team and can communicate technically with other team members. Duties: Create a document set applicable to this contract... 

CapTech Consulting

Senior Consultant, Agile Scrum Master Job at CapTech Consulting

 ...of clients requires the ability to adapt and perform in numerous Project Management environments. In this senior Agile position, your role as a Scrum Master, coach, and practitioner will require you to apply Agile values and principles for an organization transitioning... 

Serra Chevrolet

Body Shop Manager Job at Serra Chevrolet

 ...dealer groups in the nation. We are proud to represent the world's best automotive brands through our locations across Central Alabama...  .... Our mission is to provide everyone with a better automotive buying and ownership experience, and we are always looking for the right...