Deloitte - Boise, ID

posted 3 days ago

Full-time - Senior
Boise, ID
1,001-5,000 employees
Professional, Scientific, and Technical Services

About the position

The Senior Technology Risk Analyst will play a crucial role within Deloitte's Cyber Security, Risk & Compliance group, focusing on performing information security risk assessments and deploying risk treatment techniques for both on-premises and cloud-hosted IT applications and infrastructure. This position emphasizes the continual enhancement of an information security risk assessment program, particularly in alignment with ISO 27001 or similar standards.

Responsibilities

  • Assist with developing and executing a repeatable risk assessment methodology.
  • Empower ISO certification by identifying, leading, and coordinating risk management activities through interviews, documentation analysis, and coordination with multiple stakeholder teams.
  • Apply the information security risk assessment process to identify risks associated with the loss of confidentiality, integrity, and availability.
  • Identify inherent risk, evaluate current state, and determine residual risk posture for a variety of information technology asset categories and asset types.
  • Evaluate information security threats and associated vulnerabilities.
  • Prepare risk assessment report deliverables for management review.
  • Coordinate with numerous stakeholder groups to develop risk remediation plans.
  • Advance risk treatment initiatives to lower risk profile per asset target.
  • Support initiatives to educate technology functions on security and compliance requirements.
  • Perform other job-related duties as assigned.

Requirements

  • Experience in information security risk assessment and management.
  • Knowledge of ISO 27001 or similar information security management systems.
  • Strong analytical skills to evaluate risks and vulnerabilities.
  • Excellent communication skills for coordinating with stakeholders and preparing reports.
  • Ability to work collaboratively in a team environment.

Nice-to-haves

  • Certifications in information security (e.g., CISSP, CISM, CRISC).
  • Experience with cloud security frameworks and compliance standards.
  • Familiarity with risk management tools and methodologies.

Benefits

  • Health insurance coverage.
  • 401k retirement savings plan.
  • Paid holidays and vacation time.
  • Professional development opportunities.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service