Description
For our prestigious client based in Brussels, we are looking for two information risk analysts to support their cyber security department on a 6-month contract, with likely extensions.
Your part of the deal:
Based on our consolidated of IT Assets Inventory, the objective of the project is to obtain a differentiated view of business applications risk profile according to their Confidentiality, Integrity and Availability, aligned with the client's Risk Mgt methodology:
- evaluating the inherent risk of the application from a business perspective;
- assessing separately the financial impact, the regulatory impact and the client impact in case of respectively confidentiality, integrity or availability incident;
- ultimately slotting the applications in one of the 5 buckets of different risk profile.
Assessments will be conducted through workshops with business owners of the applications, business managers, Risk Management and enterprise architects.
This project is key to support the prioritisation for the deployment of the client's security initiatives.
Your Profile:
- Handles standard situation by relying on existing procedures and methods, covering several but known domains of expertise.
- Relies on existing processes and policies to take decisions.
- Focuses on execution in his domain, according to defined processes and methods. Runs and maintains the operational process.
- Works autonomously on standard activities or non-complex demands. Organises, co-ordinates and plans activities independently. Priorities are set by the job. Uses expertise to challenge the goals and scope of new requests and evaluates the impact of these new requirements.
- Knowledge of security risk management, risk governance.
- Strong oral and written skills to translate complex risk requirements.
- Experience with security and controls frameworks, such as ISO 27001, COBIT5, SANS Top 20 Controls and NIST Cybersecurity Framework.
- Experience with audit good practice.
- Knowledge of onsite risk assessments, and managing targeted risk remediation activities.
The client is looking for two profiles to start immediately so send your CV today for immediate consideration!
Keywords: Information Risk, Information Security, Risk management, Risk analysis, Risk assessment, Information Security management, Security frameworks, cyber security, ISO 27001, COBIT5, SANS Top 20 Controls, NIST, Security standards, Operational security