My client a government department are looking to recruit an experienced Cyber Security Risk Analyst who is a SME on application security risk .
My client is a global organisation and risk requests can come in anywhere from around the globe
Duties and Responsibilities
- Application Risk assessment, analysis, management, and risk reporting across 1000s of applications globally
- Ensure all applications, systems are risk assessed and approved as per existing process.
- Threat and risk vulnerability, modelling
- Creating and managing risk register and risk policies and standards and process,
- Carrying our threat and vulnerability assessment
- Engage with the business to ensure new risks are identified and managed.
- Creating process, schedule for risk assessment for re-assessments.
- Carrying out third party and supplier third party risk audits.
- Ensure risks are identified, assessed managed and reported in a timely manner.
- Proactively identify gaps and make improvements.
- Produce quality reports on security risks, progressions, and non-noncompliance with policies.
- Engage and build relationships with internal and external stakeholders.
Essential experience
- CISSP,CISM or CRISC qualified
- Experience of working with security frameworks, NIST and specifically SPF and NCSC Risk Management Guidance
- Experience of working with NCSC’s Cloud Principles, Cloud Assurance Framework and other NCSC and HMG standards and guidance.
- Experience of risk a threat models and risk assessment methodologies and frameworks such as NCSC’s Cyber security risk management framework, ISO31000, ISO25005.
- 5 + years of working in security in large global , diverse, and complex organisation in risk management roles.
- Demonstrable hands on experience of risk management, assessment, and thread modelling
- Threat and vulnerability assessment experience
- Experience of risk a threat models and risk assessment methodologies and frameworks such as NCSC’s Cyber security risk management framework, ISO31000, ISO25005.
- Extensive knowledge of threat and vulnerability, attack types and response.
- Extensive experience of carrying out risk assessment, IT, Cloud risks etc and managing third party risks.
- Ensure all IT application, services and systems risk assessed.
- Experience producing high quality documentation, policies, process, and reporting.
- Experience of structured and analytical approach to problem solving and problem resolution.
Job Information
Job Reference: DB-2309-337632
Salary: £520 - £525 per day
Salary per: zero
Job Duration: 3 month rolling
Job Start Date: ASAP
Job Industries: Cyber Security Jobs
Job Locations: Greater London
Job Types: Contract
Job Skills: Application Security, Cyber, Risk