IT Risk Analyst
Location: Hyderabad, AP, IN
Company: Micron
Req. ID: 129079
The qualified candidate must have the following:
- General business process knowledge and acumen
- Ability to define and communicate risk in business-relevant language
- Excellent verbal and written communication skills
- Ability to react to high pressure dynamic changing environments
- Ability to communicate IT risk concepts to non-technical people
- Strong problem solving and analytical skills
- CRISC, CISA or CISSP preferred
- Preferred skills in SharePoint and reporting services
- In depth knowledge of IT Security Management risk practices
Responsibilities and Tasks :
- Core IT Risk Management Activities
- Develops and implements risk ownership, standards, policies, and guidelines for the enterprise
- Ensures and monitors compliance with industry and government rules and regulations
- Leads activities to ensure security compliance that meets all contractual requirements
- Reports risk performance against established enterprise risk metrics
- Serve as an internal subject matter expert, interfacing with internal and external audit teams on all regulatory compliance audits, related processes and testing efforts. Ensures and monitors compliance with applicable industry and government rules and regulations
- Conducts technical research as needed to aid with threat assessment or risk mitigation activities
- Additional risk management activities as needed
Business Communication Activities:
- Understands the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and be able to communicate to responsible team members
- Creates and manages an information risk awareness program to ensure team members across the enterprise understand the principles of information security and information risk
- Understands “voice of the customer” and develops mechanisms to proactively sense adoption and usage patterns of current or emerging consumer technologies so that policy can align with need
- Coordinates with technology and business groups to assess, implement, and monitor IT-related security risks/hazards
- Advises business-led technology projects on IT risk awareness and standards compliance where applicable
Education (Required):
- Bachelor’s Degree
- Computer Science
- Management Information Systems
- Business Administration
- Related field of study
Experience (Required):
- 3-5 years of experience in any of the following:
- Analyzing and applying information security, risk management, and privacy practices or policies
3-5 years of experience in any of the following:
- Strategy definition or program management preferred
- IT Business liaison role
- Risk Analytics experience within finance and/or IT
- Threat, vulnerability, business continuity, and risk assessment
- National and international regulatory compliances and frameworks such as ISO, SOX, EU DPD, HIPAA, PCI DSS and NIST Cyber Security Framework