Information Risk Analyst - Business Continuity, Cyber Security

Brussels  ‐ Onsite
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Description

Information Risk Analyst - Business Continuity, Cyber Security

My major financial client based in Brussels seeks an Information Risk Analyst to work within their Business Continuity and Assurance team within the Cyber Security Department.

The team performs multiple functions:

  • Manages regulatory adherence for security
  • Defines, establishes and provides information assurance
  • Supports security response to external RfPs
  • Manages client queries regarding security policies/controls
  • Provides assurance in response to client due diligence
  • Manages the first-line internal controls framework.

These sub-functions collaborate across security capabilities, with IT and business teams, as well as functions such as HR, Risk Management and Compliance.

Project Objective:

Obtain a differentiated view of business applications' risk profiles according to their Confidentiality, Integrity and Availability, based on my client's consolidated IT Assets Inventory, and aligned with my client's Risk Management methodology:

  • Evaluating the inherent risk of the application from a business perspective
  • Assessing separately the financial impact, the regulatory impact and the client impact in case of respectively confidentiality, integrity or availability incident
  • Ultimately slotting the applications in one of the 5 buckets of different risk profile.
  • Assessments will be conducted through workshops with business owners of the applications, business managers, Risk Management and enterprise architects.
  • This project is key to support the prioritisation for the deployment of my client's security initiatives.

Your Profile:

  • Handles standard situations by relying on existing procedures and methods, covering varied domains of expertise.
  • Relies on existing processes and policies to make decisions.
  • Focuses on execution in your domain, according to defined processes and methods. Runs and maintains the operational process.
  • Works autonomously on standard activities or non-complex demands. Organises, co-ordinates and plans activities independently. Priorities are set by the job. Uses expertise to challenge the goals and scope of new requests and evaluates the impact of these new requirements.
  • Knowledge of security risk management, risk governance.
  • Strong oral and written skills to translate complex risk requirements.
  • Experience with security and controls frameworks, such as ISO 27001, COBIT5, SANS Top 20 Controls and NIST Cybersecurity Framework.
  • Experience with audit good practice.
  • Knowledge of onsite risk assessments, and managing targeted risk remediation activities.

Start: ASAP

End:

Start date
ASAP
Duration
Until 31/05/19
From
Centum Recruitment International Limited
Published at
18.10.2018
Project ID:
1651532
Contract type
Freelance
To apply to this project you must log in.
Register