Address
Form of work
SalaryOverview: As a Risk Analyst in the field of Information Technology (IT), your primary responsibility is to identify, analyze, and mitigate risks associated with IT systems, infrastructure, and operations within the organization. You will work closely with IT teams, security experts, and management to ensure that risks are effectively managed and that the organization's IT assets remain secure and operational. This role is contract position up to one year and is onsite in Miami.
Key Responsibilities:
- Identify potential risks to IT systems, infrastructure, and operations through thorough analysis of current processes, systems, and technologies.
- Assess the likelihood and impact of identified risks on IT operations and business objectives. Develop risk assessment methodologies and frameworks to quantify and prioritize risks.
- Monitor and analyze vulnerabilities in IT systems and applications. Coordinate with IT teams to ensure timely patching and remediation of vulnerabilities to reduce the risk of exploitation.
- Ensure IT systems and processes adhere to relevant regulatory requirements and industry standards (e.g., GDPR, HIPAA, ISO 27001). Conduct regular compliance assessments and audits to identify and address non-compliance issues.
- Develop and maintain incident response plans to address potential security incidents and data breaches. Collaborate with IT and security teams to test and refine incident response procedures.
- Recommend and implement risk mitigation strategies and controls to reduce the likelihood and impact of identified risks. This may include implementing security controls, enhancing access controls, or improving disaster recovery procedures.
- Establish monitoring mechanisms to track key risk indicators and provide regular reports to management on the status of IT risks. Highlight emerging risks and trends that may impact IT operations or the overall business.
- Communicate effectively with stakeholders, including IT teams, management, and external auditors, to convey risk assessment findings, mitigation strategies, and compliance status.
- Develop and deliver training programs to increase awareness of IT risks and security best practices among employees. Promote a culture of security and risk awareness throughout the organization.
Qualifications:
- Bachelor's degree in Information Technology, Computer Science, Risk Management, or related field. Advanced degrees or certifications (e.g., CISSP, CISA, CRISC) are a plus.
- Proven experience in IT risk management, information security, or related field.
- Strong understanding of IT infrastructure, systems, and security principles.
- Familiarity with risk assessment methodologies and frameworks (e.g., NIST Cybersecurity Framework, FAIR).
- Experience with vulnerability management tools and techniques.
- Excellent analytical and problem-solving skills.
- Effective communication and interpersonal skills, with the ability to interact with stakeholders at all levels of the organization.
- Ability to work both independently and collaboratively in a fast-paced environment.
- Strong attention to detail and ability to prioritize and manage multiple tasks effectively.
- Ability to work a one year assignment.
- Ability to work onsite in Miami.
