IT Risk Management Analyst - TalentFish LLC

Job Title: Risk Management Analyst
Primary Location: Hybrid (Tues-Thurs) - Northwest Suburb of Illinois location
Position Type: Direct Hire

Overview
TalentFish is casting a line for a collaborative & detailed IT Risk Management Analyst for our premier client. This is a hybrid, direct hire role in the Chicago land area of Illinois.

This is an exciting opportunity where the new IT Risk Management Analyst will support activities related to the development, management, and compliance with the organization's IT and Security Policy. This role will report to the Manager of IT Risk Management and will actively collaborate with stakeholders across the enterprise including applicable working groups and committees.

What You Bring to the Role. (Ideal Experience)

• Bachelor's or equivalent.
• 4-6+ years' experience in cybersecurity, risk management, compliance, IT governance, or other related functions.
• 3-5+ years' experience authoring and managing IT and Security Policies, Procedures, and/or Standards.
• 2+ years' experience performing IT or Security assessments or audits.
• Knowledge and demonstrable experience utilizing / assessing against common security and controls frameworks: COSO / CoBIT, NIST CSF, NIST 800-53, NIST 800-37, ISO27001, CIS Controls (or equivalent).
• Knowledge and demonstrable experience utilizing common risk management tools: Archer, ServiceNow IRM, MetricStream, or similar.
• Experience supporting risk management processes including risk register, treatment / remediation, POAM, or reporting.
• Demonstrable experience in supporting security metric and risk reporting programs.
• Excellent writer who can draft new policy, procedure, and standard materials and is also comfortable updating existing materials.
• Great communicator that can articulate risk concepts to both technical and non-technical audiences.
• Great listener that can capture and understand stakeholder requirements to translate into security controls.
• Multitasker who is comfortable supporting parallel initiatives with attention to detail.
• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
• CRISC, CISSP, or CISA preferred.

• Build relationships, advocate, and consult to different functional and business stakeholder groups on areas of IT and Security Policy.
• Support development and lead management of the organization's security policies, procedures, and standards.
• Manage IT and Security policy review, training, and development schedule.
• Support the risk assessment, risk register, risk treatment, and risk reporting process.
• Support the cybersecurity awareness and training programs, including the phishing simulation program.
• Support the customer cyber due diligence and vendor cyber risk processes
• Support general IT Risk Management activities as needed.
• Support and manage compliance metric reporting and dashboard development as needed.
• Perform other duties and responsibilities, as assigned.

TalentFish is an employee-owned company pioneering a new realm in talent acquisition. We are redefining IT staffing by evolving AI, video screening and our unique platform. TalentFish focuses on providing the best employee, consultant, and client experience possible.
At TalentFish we are an Equal Opportunity Employer we embrace and encourage diversity!