Senior Technology Risk Analyst

Role Overview: As a Technology Risk Analyst, you will play a crucial role in identifying, assessing, and mitigating technical risks within the organization. Your responsibilities will include developing and implementing risk management strategies to safeguard technology assets, systems, and operations. You will provide guidance on information security processes, controls, and compliance to key stakeholders, ensuring effective management of technical risks. Key Responsibilities: - Conduct comprehensive assessments of potential technical risks associated with the organization's systems, infrastructure, and technology projects. - Stay updated on industry trends, emerging technologies, and potential vulnerabilities impacting the organization's technical landscape. - Evaluate the potential impact and likelihood of identified risks, considering internal and external factors. - Collaborate with technical teams to assess security posture through vulnerability assessments and penetration testing. - Develop and implement risk mitigation strategies and action plans to address identified technical risks. - Establish and maintain an incident response plan to address technical incidents promptly and effectively. - Ensure compliance with relevant regulatory requirements and industry standards related to technical risk management. - Communicate technical risk information to both technical and non-technical stakeholders, providing regular reports on risk status and mitigation efforts. - Develop and deliver training programs to enhance awareness and understanding of technical risks among employees. - Evaluate and manage risks associated with third-party vendors and partners. Qualifications: - Total work experience of 6+ years with a minimum of 3 years in a relevant field. - Bachelor's or Master's degree in Computer Science, Information Security, Risk Management, or a related field. - Industry Relevant Certifications such as CISSP, CISA, CISM, CCSK, CPA, CIA, AWS, CIPP, CBCP, CRM or equivalent are highly desirable. - Strong understanding of technology, information security principles, and risk management frameworks. - Excellent analytical, communication, and interpersonal skills. - Ability to work collaboratively with cross-functional teams and stakeholders. - Knowledge of Enterprise Architecture frameworks like TOGAF, SABSA, etc. - Project Management Certification (PRINCE II, PMP, Agile or otherwise). - Current knowledge of best practice IT controls, risk management techniques, ISO27001, SOC1/2/3 SSAE18, CSA Star (CCM), PCI DSS, and familiarity with GRC tools. - Hands-on experience with Qualys Enterprise Tru-Risk Platform and similar leading security automation products is advantageous.,