IT Risk Analyst

IT Risk Analyst
Duties:
• Conduct comprehensive end-to-end information security risk assessments to identify, assess, and measure information security risks for systems, applications, facilities, technical environments, networks, projects, workflows, and third parties impacting IT and business initiatives globally
• Review new applications, emerging technologies and services and provide guidance to business stakeholders on the risk of reviewed targets
• Prepare risk assessment reports that drive management decision-making to address identified risks by risk reduction, acceptance, avoidance, and transfer
• Provide thoughtful and insightful advice to remediation owners in the formulation of risk treatment plans and ensure the risk treatment plans are in place and adhered to
• Present risks to executive management
• Manage relationships with security, technology, and business stakeholders and lead meetings to communicate information security risks and drive risk decisions from risk owners by providing multiple mitigation approaches.
• Contribute to and support continuing improvements and efficiencies in the risk program
• Leverage the ServiceNow GRC platform in carrying out risk activities (Risk assessment, remediation, etc.)
• Support vendor onboarding as needed by reviewing information security terms in third-party contracts
• Perform Business Impact Assessments to identify critical third parties and applications