Master information
Analyst for Technology and Cyber Risk
Position: Not specified
Start: As soon as possible
End: Not specified
Location: Longueuil, Canada
Method of collaboration: Project only
Hourly rate: Not specified
Latest update: Sep 24, 2024
Task description and requirements
- Support the implementation of a comprehensive IT risk management practice across the global IT organization. Assist in identifying potential IT risks, evaluating their impact, and formulating mitigation strategies. Track the mitigation or acceptance of risks.
- Assist the Security Risk Manager in monitoring and reviewing the IT risk management process to ensure alignment with the organization's risk appetite and business objectives.
- Facilitate IT risk management training within the IT community, fostering a culture of risk-aware decision-making, accountability, and an effective control environment.
- Analyze and process risk-related data to identify patterns and trends.
- Create visualizations and reports to communicate insights derived from the data.
- Rapidly understand and assimilate technology and risk management concepts.
- Serve as a subject matter expert in managing the Integrated Risk Management (IRM) platform (Service-Now IRM), handling risk statements, entities, and controls management.
- Act as the primary point of contact for support related to the Risk platform.
- Display independence and autonomy in performing the role proactively.
- 3 to 5 years of experience in Information Technology. Experience in Security is a plus.
- A degree in Information Technology or a related field.
- Experience working in a large/global enterprise IT environment is a plus.
- Knowledge of technology (applications, network, etc.).
- Familiarity with IT Governance frameworks such as ISO 27001.
- Experience in governance, compliance, and audit within IT environments.
- Willingness to travel occasionally and work outside standard business hours as required.
- Knowledge of the Service-Now Integrated Risk Management (IRM) platform.
- Professional certification is a plus, in one or more of the following disciplines: IT governance (e.g., CGEIT), security (e.g., CISSP, CISM), internal audit (CISA), or Payment Card Industry (PCI) compliance.