Risk Management Analyst - Barcelona, España - TD SYNNEX

TD SYNNEX
TD SYNNEX
Empresa verificada
Barcelona, España

hace 1 semana

Isabel García

Publicado por:

Isabel García

beBee Recruiter
Descripción

The Cyber Risk Management Analyst is responsible for assessing risk and compliance for the informational and system assets of TD SYNNEX and its suppliers.

Will be responsible for executing the implementation of the organization-wide ISMS risk management function of the information security program to ensure information security risks are identified, assessed and monitored.

Will be responsible for assessing 3rd party risks of SaaS, IaaS and PaaS partners utilized by the global enterprise.

Will be responsible for providing assurances to reseller, vendor partners and other organizations that seek attestations from TD SYNNEX on it's security program.


Duties and Responsibilities:


  • Serve as a point for contact for the information security team for the business stakeholders and customers/vendors.
  • Liaison with the Senior Manager of Cyber Assurance and Risk Management to ensure the strategy of the business objectives are balanced with appropriate risk awareness and management.
  • Drive maturity of the organization to achieve and maintain ISO 27001/2 and CMMC compliance.
  • Perform risk assessments on 3rd party suppliers
  • Conduct analysis security incidents, decisions regarding risk, and measures for product, computer, network, cloud and partner security.
  • Participate in the implementation of the organizationwide ISMS risk management function of the information security program to ensure information security risks are identified, assessed and monitored.
  • Internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the Company's information and technology systems.
  • Analyze, track and communicate adversarial and nonadversarial risks to IT and relevant business stakeholders
  • Track adversaries, motives and techniques to ensure mitigating controls are adequate and adjust when there is a change in trending.
  • Analyze mitigating controls to CIS standards, identify gaps and action plans to track remediation and the environment risk posture.
  • Maintain a view of major threat vectors, mitigating controls and action plans to remediate gaps.
  • Work with customers, external auditors, and outside consultants as appropriate on required security assessments and audits.
  • Must be able to assess computer hardware, software, systems and cloud for security risks or violations and work with company staff and technology vendors to recommend solutions. Must be able to assess the status of complex multilocation projects as well as identify and track appropriate corrective measures to resolve issues as they arise.
  • Must have a strong customer service orientation and the ability to project that attitude to customers in remote locations.
  • Perform other duties as assigned to ensure the smooth functioning of the department and maintain the reputation of the organization as a viable business partner.

Qualifications

  • 2 years of IT experience
  • Excellent interpersonal, communication, and presentation skills, including formal report writing experience
  • Experience interacting with customer and employees
  • Ability to develop security standards and guidelines based on best practices and industry standards
  • Ability to learn new skills quickly

Preferred Qualifications

  • Understanding of common security and privacy standards, regulations, and laws relating to a cloud software development company (e.g., SOC 2, ISO 27001/2, GDPR)
  • Knowledge of information security risk management frameworks and compliance practices, including ISO 27001and NIST
  • Bachelor's degree in information technology or other related field
  • Skills in documenting risk and compliance activities
  • Information security related training or certifications such as CISSP, CRISC, or CISA.
  • Experience performing information security audits or risk assessments
  • Familiarity with security auditing processes
  • An understanding of policy development and dissemination
  • Experience working with auditors and accessors
LI-SS1


What's In It For You?
-
Elective Benefits: Our programs are tailored to your country to best accommodate your lifestyle.
-
Grow Your Career:Accelerate your path to success (and keep up with the future) with formal programs on leadership and professional development, and many more on-demand courses.
-
Elevate Your Personal Well-Being: Boost your financial, physical, and mental well-being through seminars, events, and our global Life Empowerment Assistance Program.
-
Diversity, Equity & Inclusion:It's not just a phrase to us; valuing every voice is how we succeed. Join us in celebrating our global diversity through inclusive education, meaningful peer-to-peer conversations, and equitable growth and development opportunities.
-
Make the Most of our Global Organization: Network with other new co-workers within your first 30 days through our onboarding program.
-
Connect with Your Community: Participate in internal, peer-led inclusive communities and act
Más ofertas de trabajo de TD SYNNEX
Ver todas las ofertas de empleo de TD SYNNEX