Description
IRM Consultant/Information Risk Consultant/Senior Information Risk/Operational Risk/
Remediation Information Risk/Information Security
IRM - Information Risk Management
Location: The Hague - Netherlands
Language: English
Duration: 6 months Rolling - 2 Years Contract
we are working on a number of projects in the area of Information Risk Management. One project is about addressing risks around shadow IT; identifying and mitigating risks involved in using applications that are not managed by central IT organization, but instead are procured and managed by the business. The other project is about implementing the new data privacy requirements, resulting from the new regulation from the EU, called GDPR.
Analyst information risks and controls
Conduct risk assessments in collaboration with IT
Delivery and Business staff and report the findings, and work with the business to implement controls required to mitigate the risks.
More than 4 years in IRM roles
Responsibilities
Conduct business risk assessments and recommend actions to manage identified risks.
Conduct risk-based reviews of applications to ensure they meet security architectural & design principles, and ensure compliance with all requirements and guidelines
Provide authoritative guidance on the application and operation of controls
Job knowledge requirements
Has a strong practical knowledge of IRM developments and practices.
Has detailed knowledge of the risk methodologies and of professional threat data. Demonstrates good practical knowledge of IRM concepts and practices.
Possesses an understanding of the business applications of IT.
Has proven expertise in business analysis techniques.
- An IRM analyst, capable of remediating findings, resulting from GDPR Gap Assessments, such as:
- Writing Data Disposal Plans
- Sensitive personal data risk and control assessments
- Access control matrices
- Consent models
- Knowledgeable about IRM assessment and remediation frameworks
- Experienced and versed in GDPR regulations - assessments and remediation
- Excellent communication skills, both written and oral, as individual will regularly engage with Business stakeholders, including senior Business Leaders.
- Essential to have experience in working in highly complex environments
- Individual needs to be a self-starter, capable of driving the remediation activities forward without the need for micro-management.
- IRM certifications such as CRISC, CISM, CISSP, CISA are a plus
- Experience in RSA ARCHER IRM toolset is a plus
IRM Consultant/Information Risk Consultant/Senior Information Risk/Operational Risk/
Remediation Information Risk