You are using the web browser we don't support. Please upgrade or use a different browser to improve your experience.
"icon arrow top"

Senior IT Risk Analyst

182/10646

Mostyn Chase

£65K plus bonus & benefits

London, United Kingdom

Information Security,Risk

Permanent | Full Time

ASAP

11/02/2019

Not specified

The Corporate Security Risk team of this global payments company has a new vacancy for an experienced IT Risk Analyst to help with their developing security risk management programme. The work will involve the continuing expansion of the FAIR risk assessment programme which is already underway, including the preparation, assessment and presentation of quantitative risk assessments to senior personnel.

The IT Risk Analyst will be contributing towards the continuing development of the FAIR risk models they use, including work on the calibration and continual refinement of their modelling data.  This will be an ideal opportunity for an experienced risk analyst to develop their skills and knowledge of quantitative assessment methods and the practical application of the FAIR risk methodology.  

The successful candidate will also need to be comfortable presenting their results to a wide ranging audience, from individuals to large groups of people, being able to articulate clearly and simply the principles of the FAIR risk methodology as applied to their analyses and the basis for their conclusions.  

All About You

•    Experience of working with the following standards, frameworks and methodologies – PCI-DSS, ISO2700 series, NIST (CSF, 800-53), CMMI
•    Experience of working with common risk management methodologies – ISO (27005/31000), NIST (800-30/800-37), COSO, FAIR.
•    Significant experience in performing risk management activities, with an ability to translate risk information/concerns in order to articulate key messages. 
•    Experience delivering presentations and supporting messaging to senior leadership 
•    At a minimum, intermediate level of expertise in IT risk management or a related discipline – security, privacy, business continuity management or compliance.

Beneficial Professional Certifications include:
•    CISSP - Certified Information Systems Security Professional
•    CRISC - Certified in Risk and Information Systems Controls
•    CRM - Certified Risk Manager