WSP’s Information Security Office (ISO) is responsible for the deployment and maintenance of the information security framework for both the IT organization and wider business community. This includes the Governance mechanisms, policies and processes, tools and technologies, and employee training required to protect WSP information and that of our clients.
To run our global Technology &Cyber Risk Management process, we are seeking 2 IT Risk Analysts. This role will report to the Senior Manager for Technology and Cyber Risk.
As a Risk Analyst, you will be supporting the Technology &Cyber Risk Manager in running IT risk management process. You will work closely with IT teams to manage technology-related risks and foster relationships. This role requires good analytical, excellent organizational skills and the ability to work effectively in a diverse, global environment. You will need to be able to prioritize tasks and manage your time effectively.
• *MAIN RESPONSIBILITIES**
- Support the implementation of a comprehensive and effective IT risk management practice across the WSP global IT organisation. This should include facilitating the identification of potential IT risks, the evaluation of their impact, the formulation of strategies to mitigate these risks, and the tracking of their mitigation and/or acceptance. Assist the Security Risk Manager in conducting regular monitoring and review of the IT risk management process to ensure its effectiveness and alignment to the organization’s risk appetite and business objectives.
- Facilitate delivery of IT risk management training within the IT community and support establishing a culture of risk-aware decision-making, accountability, and a commitment to maintaining an effective control environment.
- Analyze and process data related to risks, issues and deficiencies to identify patterns and trends.
- Create visualizations and reports that communicate the insights gained from the data.
- Understand and assimilate rapidly technology, and risk management concepts and dependencies.
- Be the central point of contact for all support related to the Risk platform. Proactive and display independence and autonomy in performing the role.
• *Requirements**:
• *About you**:
- 3 to 5 years related experience in Information Technology, experience in Security is a plus.
- Experience with IT Governance frameworks such as ISO 27001
- Experience with governance, compliance, and audit within IT environments
- Limited travelling may be required.
- A degree in information technology, or related field.
- Experience working in large/global enterprise IT is a plus.
Due to the nature of this role, you may need to work outside of standard business hours occasionally.
• *Preferred**
- Knowledge of Service-Now Integrated Risk Management platform (IRM)
- Professional certification is a plus, in one or more of the following disciplines — IT governance (e.g., CGEIT), security (e.g., CISSP, CISM), internal audit (CISA) or Payment Card Industry (PCI)
