We are seeking an external Security Risk Senior Consultant. This role is for a senior practitioner responsible for delivering the assigned engagement, not for team coordination. The candidate must have advanced PowerPoint presentation skills and basic Excel skills. Strong teamwork skills are essential.
The goal of this project is to implement an asset-based risk assessment framework at scale across the company in 2024, including updating existing instructions.
The responsibilities include coordination, planning, preparation, conducting workshops with various entities, and organizing live sharing sessions for approximately 150 participants.
The service provider should possess operational expertise in applying best practices.
We already have an Application Infosec Risk Assessment (AISRA) and aim to enhance it with PSS security assessments to achieve convergence.
Additionally, AI and Healthcare requirements will be incorporated, leveraging existing supporting libraries.
Required Expertise :
* Knowledge of DORA & Regulations
* Deep understanding of Risk & Control environments with a focus on security
* Proven experience in designing and delivering asset-based risk assessment frameworks
* Expertise in Security Risk Frameworks & Risk Assessments
* Practical experience in designing risk reduction strategies for security
* Knowledge of IT GRC, ERM, CMDB, Vulnerability Management
* Understanding of SMS for Security and its connection to other capabilities like Risk Management
* Familiarity with KRI, KPI, and their role in decision-making
* Experience with assurance testing and its integration into risk assessment approaches
* Understanding of Risk Management as a 2nd Line function and security operations within that context
#J-18808-Ljbffr