IT Risk Analyst and Reporting Manager, Porto
Client:
ALTER SOLUTIONS
Location:
Porto, Portugal
Job Category:
Other
EU work permit required:
Yes
Job Reference:
645aa928b6ec
Job Views:
15
Posted:
23.01.2025
Expiry Date:
09.03.2025
Job Description:
Main Responsibilities:
* Maintain cloud cybersecurity risk cartography:
o Follow-up data quality and comprehensiveness in cloud assets referential (Cloud Register) and cloud risks referential (cloud risks in the Risk Register) in ServiceNow tooling.
o Build, improve and provide risk reporting templates using ServiceNow or an external tool (such as Tableau).
o Provide periodic cloud risk reporting.
o Active role in the preparation of quarterly cloud risk committees.
o Understand risk assessments already produced (based on ISO 27005/EBIOS Risk Manager) and impacts of remediation plans progress on risks.
o Skills to follow up/challenge remediation plans implemented by service providers or entities.
o Contribute actively in risk assessments of cloud platforms and cloud applications.
o Ideally, skills to lead risk assessments following ISO 27005/EBIOS Risk Manager methods.
Other Activities:
* Contribute in (cloud) third parties onboarding studies (risk assessment, review of case studies, …).
* Contribute to governance/organization topics on third-party cases.
* Contribute to governance/organization topics related to the team.
* Contribute to follow-up of third-party governance in run.
Technical Skills:
* Certification ISO 27001.
* Knowledge of a risk management tool such as ServiceNow or reporting tool such as Tableau.
* Knowledge on Cloud specific Cyber Security (such as SOC2, CSA, ISO27017).
* Knowledge on Cyber Security control frameworks (such as NIST, CIS).
#J-18808-Ljbffr