Cybersecurity Risk Analys
Client of hirelebanese
Employer Active
Posted 21 hrs ago
Send me Jobs like this
Nationality
Any Nationality
Gender
Not Mentioned
Vacancy
1 Vacancy
Job Description
Roles & Responsibilities
ROLE:
Cybersecurity Risk Analyst role is to facilitate the implementation of a comprehensive risk-based approach for our client. This includes the steps of risk assessment, risk treatment framing and risk acceptance process handling.
Liaison with Third Party Risk Management, Governance and Compliance teams will be essential, in order to assess the level of security of critical applications, produce executive reports on the recommendations identified and establish security plans to be implemented and monitored.
The Cybersecurity Risk Analyst reports to the Cyber Risk Manager.
RESPONSIBILITIES:
Be the referent analyst for one or several Business Lines (Shipping, Ships, Logistics, Transport, Corporate Functions, Media, Innovation)
Challenge and validate application prequalification CIA scoring by the Risk Owners
Perform security risk assessments following ISO 27005 methodology
Review security architectures, cloud & networks integration for critical application ecosystems
Identify security objectives & define remediation plans in regard to security policies or standards
Act as a technical expert with cybersecurity & IT stakeholders
Act as a functional expert/evangelist with Business stakeholders
Tackle critical applications legacy and perform backlog treatment through project management
Be a key contributor or project lead for framework enhancement, maturity level improvement, KRIs/KPIs dashboarding reporting
Determines security requirements by evaluating business strategies and threat landscapes.
Ensure that policy compliance is appropriate to the organization level of risk acceptance.
Evaluate if appropriate controls are in place and oversee/create actions plans
Advise stakeholders on how to apply the relevant remediations and assist with solutions to support it.
Ensure Risk Assessments are documented and communicated as relevant to technical stakeholders
and understandable to non-technical audiences.
Support security initiatives deliveries as needed and track progress with compliance team.
Evangelize cybersecurity risk-based approach and communicate around best practices
Develop and maintain close working relationships with GRC teams, Architecture Security teams and IT
stakeholders.
Build and maintain a cybersecurity Risk Register with strategic & operational risks identification and
scoring on your defined scope
Build and maintain a cybersecurity Risk Map based on the Risk Register on your defined scope
Act as a mentor and contribute to the development of the team in areas of expertise.
Promote and develop cybersecurity awareness and cybersecurity by-design culture across the organization
QUALIFICATIONS & PROFILE:
Education:
Bachelor or Master degree in Cybersecurity, Computer Science, Information Technology or equivalent.
Knowledge & Experience:
You have at least 8 years of experience in a similar role or GRC related (IT audit, risk management or advisory, etc.)
You hold one or more relevant industry certifications, including but not limited to:
Risk Manager ISO 27005
EBIOS RM
NIST CSF
Certificate of Cloud Security Knowledge (CCSK)
Certified Information Systems Security Professional (CISSP)
ISO 27001 Lead auditor or Lead Implementer
Certified Information System Auditor (CISA)
Certified Cloud Security Professional (CCSP)
Certified Ethical Hacker (CEH)
Soft Skills:
Excellent verbal, written and interpersonal communication skills.
Ability to adapt communication language depending on the audience (technical to non-technical
with businesspeople & top management)
Knowledge Management driven
Highly self-motivated with keen attention to detail.
Analytical skills, pragmatic approach to IT and OT security issues
Planning, organization and coordination skills
Ability to properly manage time and priorities
Team spirit, efficiency, structured mindset, quality driven and results oriented
Ability to identify and address complex problems into pragmatic solutions
Ability to work in an international environment, in contact with multicultural teams
Ability to synthetize complex topic & problematics
Fluent English mandatory, French is a plus.
Cybersecurity Risk Analyst role is to facilitate the implementation of a comprehensive risk-based approach for our client. This includes the steps of risk assessment, risk treatment framing and risk acceptance process handling.
Liaison with Third Party Risk Management, Governance and Compliance teams will be essential, in order to assess the level of security of critical applications, produce executive reports on the recommendations identified and establish security plans to be implemented and monitored.
The Cybersecurity Risk Analyst reports to the Cyber Risk Manager.
RESPONSIBILITIES:
Be the referent analyst for one or several Business Lines (Shipping, Ships, Logistics, Transport, Corporate Functions, Media, Innovation)
Challenge and validate application prequalification CIA scoring by the Risk Owners
Perform security risk assessments following ISO 27005 methodology
Review security architectures, cloud & networks integration for critical application ecosystems
Identify security objectives & define remediation plans in regard to security policies or standards
Act as a technical expert with cybersecurity & IT stakeholders
Act as a functional expert/evangelist with Business stakeholders
Tackle critical applications legacy and perform backlog treatment through project management
Be a key contributor or project lead for framework enhancement, maturity level improvement, KRIs/KPIs dashboarding reporting
Determines security requirements by evaluating business strategies and threat landscapes.
Ensure that policy compliance is appropriate to the organization level of risk acceptance.
Evaluate if appropriate controls are in place and oversee/create actions plans
Advise stakeholders on how to apply the relevant remediations and assist with solutions to support it.
Ensure Risk Assessments are documented and communicated as relevant to technical stakeholders
and understandable to non-technical audiences.
Support security initiatives deliveries as needed and track progress with compliance team.
Evangelize cybersecurity risk-based approach and communicate around best practices
Develop and maintain close working relationships with GRC teams, Architecture Security teams and IT
stakeholders.
Build and maintain a cybersecurity Risk Register with strategic & operational risks identification and
scoring on your defined scope
Build and maintain a cybersecurity Risk Map based on the Risk Register on your defined scope
Act as a mentor and contribute to the development of the team in areas of expertise.
Promote and develop cybersecurity awareness and cybersecurity by-design culture across the organization
QUALIFICATIONS & PROFILE:
Education:
Bachelor or Master degree in Cybersecurity, Computer Science, Information Technology or equivalent.
Knowledge & Experience:
You have at least 8 years of experience in a similar role or GRC related (IT audit, risk management or advisory, etc.)
You hold one or more relevant industry certifications, including but not limited to:
Risk Manager ISO 27005
EBIOS RM
NIST CSF
Certificate of Cloud Security Knowledge (CCSK)
Certified Information Systems Security Professional (CISSP)
ISO 27001 Lead auditor or Lead Implementer
Certified Information System Auditor (CISA)
Certified Cloud Security Professional (CCSP)
Certified Ethical Hacker (CEH)
Soft Skills:
Excellent verbal, written and interpersonal communication skills.
Ability to adapt communication language depending on the audience (technical to non-technical
with businesspeople & top management)
Knowledge Management driven
Highly self-motivated with keen attention to detail.
Analytical skills, pragmatic approach to IT and OT security issues
Planning, organization and coordination skills
Ability to properly manage time and priorities
Team spirit, efficiency, structured mindset, quality driven and results oriented
Ability to identify and address complex problems into pragmatic solutions
Ability to work in an international environment, in contact with multicultural teams
Ability to synthetize complex topic & problematics
Fluent English mandatory, French is a plus.
Company Industry
- Recruitment
- Placement Firm
- Executive Search
Department / Functional Area
- IT Software
Keywords
- Cybersecurity Risk Analys
Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@naukrigulf.com
Client of hirelebanese