Senior Risk Analyst

Hi

We have an urgent C2H opening for Senior Risk Analyst Day 01 Onsite in Cincinnati OH

Our client is looking to fill this role immediately.

If you are interested in this role Please share the updated resume filled skill matrix consultant details visa and dl copy ASAP.

Skill Matrix:

Skills

Years of experience

Over all experience

Total years of work exp in US

As Senior Risk Analyst

Risk Management

In CyberSecurity / Technology/Information security

Security Controls frameworks (CobiT ISO 27001 NIST NIST CSF PCI DSS RMF)

Privacy regulations (GDPR CPRA NIS NIS2 CPA)

GovernanceRiskCompliance (GRC) (OneTrust Archer Xacta)

Security Control Frameworks (ISO NIST HIPAA PCI SOX)

GT Risk Management

GT and corporate processes (M&A JV Projects and 3rd Party/Vendor Management)

Consultant Details:

Criteria

Consultants Data

Full Name

Primary Phone

Primary Email

Education Details Graduation

Education Details Masters

Certification if any

LinkedIn Profile

US work authorization and expiration

Passport Number

Expected pay rate/hr on W2

Expected pay rate/hr on 1099

Current Company Name

Current location (City/State)

Willing to relocate (yes/No)

Availability to join new project/ Notice period

Have you ever worked or interviewed for this client in the past

If yes as a consultant or as an employee

Last 5 digits of Social Security Number

Birth month and day (NOT YEAR)

Position: Senior Risk Analyst

Location: Day 01 Onsite in Cincinnati OH

Contract type: CTH

Job Description:

• Participate in ongoing reviews of global companys Risk Management Program.
• Contribute to strategic plans supporting program objectives and alignment of technology risk activities across company. Apply quantitative risk valuation models and tooling to inform and support strategic and tactical riskbased decisions.
• Assist in delivering GT Risk Management programs to mitigate technologyrelated risks.
• Contribute to program governance and processes for identifying assessing and responding to risks.
• Collaborate with other GT and corporate processes (M&A JV Projects and 3rd Party/Vendor Management).
• Maintain risk assessment methodologies processes artifacts and training.
• Lead or manage assessments and remediation efforts tracking progress and reporting on security control gaps.
• Analyze risk/control information to formulate recommendations metrics and reports for management decisionmaking.
• Ability to analyze and aggregate risk across a complex organization and articulate risk clearly.
• Register GT risks work with risk owners on risk treatment and monitor risk treatment response and mitigation with risk owners. Weight business needs against security concerns and articulate issues and options to management.
• Present risk register and treatment plans to stakeholders on a regular basis.
• Enhance collection and maintenance of OneTrust risk register information.
• Work crossfunctionally to improve workflow and collect required risk profile data.
• Assist project teams in the implementation of security measures to meet corporate security policies manage risk and meet external regulations including various data security standards.
• Ensures of proper documentation of technology assessment results and monitors remediation. Deliver all documentation developed during task execution with status of all work in progress. Create Weekly and Monthly Status Reports including daily technical task reports threat management reports among others.
• Support the Business Technology Disaster Recovery process.
• Support the resolution of Internal Audit Compliance Risk Management Regulatory related issues that could impact the confidentiality availability or integrity of data or processes.

What Youll Need

• Five to Ten (510) years direct experience in a Risk Analyst role is required.
• A bachelors or masters degree in computer science CyberSecurity or in a technology/information securityrelated field is preferred and can substitute degree in lieu of some actual experience.
• Experience with Security Controls frameworks (e.g. CobiT ISO 27001 NIST NIST CSF PCI DSS RMF among others) and knowledge of privacy regulations (e.g. GDPR CPRA NIS NIS2 CPA etc.).
• Experience with a GovernanceRiskCompliance (GRC) software suite (OneTrust Archer Xacta . etc.) is required; prefer direct experience with OneTrust.
• Must be able to demonstrate a strong understanding of Security Control Frameworks (ISO NIST HIPAA PCI SOX) is required; prefer multiple framework experience vs single framework experience.
• Strong leadership critical thinking and collaboration skills required.
• Attention to detail is a critical success factor for this role.
• Ability to influence peers colleagues and managers across business and divisional Lines to Take action on complex technical or sensitive topics with companywide impact.
• Must be analytical and Possess Ability to interpret and apply policies and regulations across a large complex business.
• Able to work effectively in an environment characterized by multitasking fastpaced lead by multiple projects and conflicting priorities. Multilevel communications and interpersonal skills (including strong documentation skills). Able to effectively communicate securityrelated concepts to a broad range of technical and nontechnical staff across IT and business.
• Strong technical information security knowledge to assess various information security and risk management processes and tools.
• Any one certification in; CISSP CRISC CISA CASP CYSA ISA or Security CE is preferred.