Risk Assessment Specialist
The Intersect Group - Phoenix, AZ
Job Description
The Intersect Group is partnered with our client in Phoenix who is seeking a skilled Risk Management Specialist to join our team, focusing on risk oversight in a highly regulated banking environment. The ideal candidate will have a strong background in IT and Risk Management, with hands-on experience in areas such as helpdesk support or SOC analysis. This role requires expertise in NIST and COBIT frameworks, as well as quantitative risk assessment methodologies, particularly the FAIR framework.

Location: Phoenix 85004 (near 1st Avenue and Washington Street); 4 days onsite, 1 day remote

Interview Process: 2 virtual rounds of interviews

Qualifications:

Education: Bachelor's degree in a related field; Master's degree preferred.
Experience: Minimum of 4-5 years in Risk Management, Information Technology, or Cybersecurity, with at least 3 years in first line or second line functions within a banking or regulated environment.
Framework Expertise: Strong knowledge of NIST and COBIT frameworks; familiarity with other regulatory guidance for technology and cybersecurity.
Quantitative Risk Analysis: Experience with quantitative risk assessments and the FAIR methodology.
Technical Background: Previous experience in IT support (helpdesk) or as a SOC analyst is highly desirable.
Certifications: Professional certifications such as CISSP, PCNA, or C-Risk are strongly
Communication Skills: Excellent verbal and written communication skills, with the ability to engage and influence stakeholders at all levels.
Analytical Skills: Strong analytical abilities to assess processes, data, and trends to recommend enhancements and
Organizational Skills: High degree of organization and personal accountability, with the capability to make decisions in an ambiguous and fast-paced environment.

Responsibilities:

Risk Oversight: Monitor and analyze external industry trends and regulatory changes impacting technology and information security risk management.
Annual Risk and Control Self-Assessments (RCSAs): Lead and execute annual RCSAs, ensuring comprehensive evaluations of first line functions and compliance with regulatory requirements.
Targeted Assessments: Conduct targeted assessments to evaluate first line functions, utilizing regulatory guidance and current trends in technology and information security.
Process Level Assessments: Perform detailed process-level assessments to identify vulnerabilities and recommend enhancements.
Vendor Management: Assist in managing penetration testing and physical security assessments with external vendors, ensuring deliverables align with internal standards.
Reporting and Metrics: Develop and report on internal metrics for IT and Information Security, presenting findings to various stakeholders.
Identity Crisis Management: Provide expertise in managing identity crisis situations within the organization, implementing best practices for remediation.
Collaboration: Engage with first, second, and third-line stakeholders to ensure effective communication and coordination across the organization's risk management framework.
Created: 2024-11-19