About the Role
The IT Risk Specialist is a critical role within our organization, responsible for ensuring the effective management of risk-related deliverables. This includes translating cybersecurity and risk controls into actionable plans, fostering strong relationships with technical squads, and maintaining compliance with organizational policies.
Key Responsibilities:
* Managing the risk-related backlog of Platform Tribe, including budgeting, planning, testing, reporting, and recommending remediation measures.
* Oversight and monitoring of risk mitigation and coordination of policy and controls with various stakeholders to ensure practical remediation steps are taken.
* Creating and updating documentation of identified IT risks and controls.
* Facilitating Business Impact Analysis (BIA), IT risk analysis, and management processes, as well as identifying acceptable levels of residual risk.
* Designing and conducting risk assessments and data protection impact assessments.
* Managing oversight of technical risk assessments, such as vulnerability scanning and penetration testing.
* Managing third-party risk assessments.
* Creating and maintaining an updated security baseline.
* Supporting the implementation of Security Monitoring (SEM).
* Planning and monitoring Vulnerability Scans and Penetration Tests, and following up on detected issues.
* Managing the patching management process and following up on detected problems.
* Managing the life cycle management (LCM) risk of assets.
* Overseeing Restore tests with the support of technical squads.
* Managing Non-Personal Accounts risk controls and procedures in accordance with the Global Framework.
Requirements:
* A university degree in Information Technology or a related field is preferred.
* At least 3 years of experience in Tech, IT Security, and Risk Management.
* Proven knowledge of at least one information security and risk framework (e.g., ISO27001, NIST, COBIT, CISSP, CISM, CISA, CRISC).
* Experience with ITIL and PM Methodologies.
* Fluency in English (written and spoken).
* Advanced user of MS Office, particularly Excel.
Soft Skills:
* Result-oriented.
* Teamwork.
* Problem-solving.
* Analytical skills.
* Stakeholder management.