Revel IT
A
Lead Cyber Risk Analyst
is needed for a contract-to-hire opportunity to develop, maintain, and execute the Cyber Assessments program, also known as Third Party Risk Management (TPRM), and Technology support. Cyber Assessments include corporate and technology Control Assessments using Fortress and coordinating independent assessments such as penetration tests, NIST CSF, and mock regulatory reviews. Technology support focuses on the enterprise Archer TPRM application and Fortress solution. HYBRID ROLE - Must report onsite 2 days a week. Starting September 1st must report onsite 3 days a week. Candidates must be local in Columbus area. Must have US Citizenship. Additional Responsibilities: The Cyber Assessments, Lead TPRM Monitoring and Reporting Analyst will work collaboratively with numerous teams including NERC CIP Compliance, Pipeline Compliance, Innovation, Supply Chain and the business to educate and inform business partners of Third Party Risk Profiles. This role is responsible for managing and reporting on Third Party Cyber Risks by maintaining risk profiles, tracking supplier issues and exceptions, and using tools to create reports, dashboards and metrics. Works closely with the Director of Cyber Compliance, the Manager Cyber Assessments, the Manager(s) Cyber Compliance, and others as needed to ensure that all assessment results are addressed and leverages Fortress and Archer and adoption of the program. Perform routine assignments in the Cyber Assessment Analyst job band, under the direction of the Director of Cyber and the Manager Cyber Assessments Work closely with the business, OT, IT, and Cyber and Service Providers to perform and/or support TPRM and Cyber Assessment processes Assist in driving the implementation of the roadmaps for Cyber Assessments, Archer, and Fortress Control Assessments Assist in executing the Cyber Assessment (CA) program, ensuring a methodology is used and communicated relative to when a Cyber Assessment is performed, risks are mitigated, results are communicated, and metrics are produced supporting the program. Executes or assists others in executing Cyber assessments supporting the business, Cyber, IT, OT, and the Innovation line of business ensuring Supply Chain processes are adhered to. Reviews must meet stated objectives, budget requirements, timeline requirements and reporting/readout requirements Supports and strives to be knowledgeable relative to Fortress Control Assessments, contributing to the direction of the product, our leveraging of the tool, and the ongoing business benefit to the client Supports and strives to be knowledgeable relative to Archer, contributing to the direction of the product, our leveraging of the tool, and the ongoing business benefit to the client Serves as an Archer ambassador across NiSource as to capabilities and expanded adoption Assist in audit/issues tracking and resolution for processes related to Cyber Assessments as requested Advance the use and adoption of Archer RSA to maintain and manage risk, compliance, and policy monitoring and tracking Required Knowledge, Skills, and Abilities Bachelor's Degree or equivalent work experience that provides knowledge and exposure to fundamental theories, principles, and concepts 6+ years' TPRM experience in varying support functions 6+ years of experience with Vendor Control Assessments, SOC2 reports and metrics In-depth experience with TPRM processes, reporting and metrics Knowledge of TPRM components, trends, and best practices. Solid skills with computers, operating systems, and software (MS Office 365 suite of products) and ability to learn new technical concepts quickly. Analytical abilities, including process analysis and development, problem solving and root cause analysis. Teaming skills, collaboration, negotiation, communication, organizational, people management and conflict resolution skills. Willing to travel up to 10% to business unit or other locations, as needed. Involvement in multiple process improvement initiatives Good written and verbal communication Demonstrated participation in successful delivery of TPRM projects Can work independently in multiple functional domains with minor assistance Solid understanding of NIST 800 CSF. Client business operations knowledge Working knowledge of the gas and electric utility industry; additional experience a plus Information Technology Infrastructure Library (ITIL) V4 certification a plus Preferred Additional Qualifications: Demonstrated experience in Microsoft Excel and Word Demonstrated experience in SharePoint Demonstrated experience in Reporting / Analytics Experience using Archer GRC tool Seniority level
Seniority level
Mid-Senior level Employment type
Employment type
Full-time Job function
Job function
Information Technology Industries
Oil and Gas Referrals increase your chances of interviewing at Revel IT by 2x Inferred from the description for this job
Medical insurance Vision insurance 401(k) Student loan assistance Tuition assistance Get notified about new Risk Analyst jobs in
Columbus, Ohio Metropolitan Area . Lead Security Analyst, Policy Controls & Risk Remediation
Information Security Risk Analyst (FT,100%)-Days-HYBRID
Columbus, OH $100,000 - $120,000 4 days ago Healthcare Data Analyst - Two Positions (Health Services Policy Analyst)
Columbus, OH $70,000 - $140,000 1 month ago Columbus, OH $77,000 - $154,000 5 months ago Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr
Lead Cyber Risk Analyst
is needed for a contract-to-hire opportunity to develop, maintain, and execute the Cyber Assessments program, also known as Third Party Risk Management (TPRM), and Technology support. Cyber Assessments include corporate and technology Control Assessments using Fortress and coordinating independent assessments such as penetration tests, NIST CSF, and mock regulatory reviews. Technology support focuses on the enterprise Archer TPRM application and Fortress solution. HYBRID ROLE - Must report onsite 2 days a week. Starting September 1st must report onsite 3 days a week. Candidates must be local in Columbus area. Must have US Citizenship. Additional Responsibilities: The Cyber Assessments, Lead TPRM Monitoring and Reporting Analyst will work collaboratively with numerous teams including NERC CIP Compliance, Pipeline Compliance, Innovation, Supply Chain and the business to educate and inform business partners of Third Party Risk Profiles. This role is responsible for managing and reporting on Third Party Cyber Risks by maintaining risk profiles, tracking supplier issues and exceptions, and using tools to create reports, dashboards and metrics. Works closely with the Director of Cyber Compliance, the Manager Cyber Assessments, the Manager(s) Cyber Compliance, and others as needed to ensure that all assessment results are addressed and leverages Fortress and Archer and adoption of the program. Perform routine assignments in the Cyber Assessment Analyst job band, under the direction of the Director of Cyber and the Manager Cyber Assessments Work closely with the business, OT, IT, and Cyber and Service Providers to perform and/or support TPRM and Cyber Assessment processes Assist in driving the implementation of the roadmaps for Cyber Assessments, Archer, and Fortress Control Assessments Assist in executing the Cyber Assessment (CA) program, ensuring a methodology is used and communicated relative to when a Cyber Assessment is performed, risks are mitigated, results are communicated, and metrics are produced supporting the program. Executes or assists others in executing Cyber assessments supporting the business, Cyber, IT, OT, and the Innovation line of business ensuring Supply Chain processes are adhered to. Reviews must meet stated objectives, budget requirements, timeline requirements and reporting/readout requirements Supports and strives to be knowledgeable relative to Fortress Control Assessments, contributing to the direction of the product, our leveraging of the tool, and the ongoing business benefit to the client Supports and strives to be knowledgeable relative to Archer, contributing to the direction of the product, our leveraging of the tool, and the ongoing business benefit to the client Serves as an Archer ambassador across NiSource as to capabilities and expanded adoption Assist in audit/issues tracking and resolution for processes related to Cyber Assessments as requested Advance the use and adoption of Archer RSA to maintain and manage risk, compliance, and policy monitoring and tracking Required Knowledge, Skills, and Abilities Bachelor's Degree or equivalent work experience that provides knowledge and exposure to fundamental theories, principles, and concepts 6+ years' TPRM experience in varying support functions 6+ years of experience with Vendor Control Assessments, SOC2 reports and metrics In-depth experience with TPRM processes, reporting and metrics Knowledge of TPRM components, trends, and best practices. Solid skills with computers, operating systems, and software (MS Office 365 suite of products) and ability to learn new technical concepts quickly. Analytical abilities, including process analysis and development, problem solving and root cause analysis. Teaming skills, collaboration, negotiation, communication, organizational, people management and conflict resolution skills. Willing to travel up to 10% to business unit or other locations, as needed. Involvement in multiple process improvement initiatives Good written and verbal communication Demonstrated participation in successful delivery of TPRM projects Can work independently in multiple functional domains with minor assistance Solid understanding of NIST 800 CSF. Client business operations knowledge Working knowledge of the gas and electric utility industry; additional experience a plus Information Technology Infrastructure Library (ITIL) V4 certification a plus Preferred Additional Qualifications: Demonstrated experience in Microsoft Excel and Word Demonstrated experience in SharePoint Demonstrated experience in Reporting / Analytics Experience using Archer GRC tool Seniority level
Seniority level
Mid-Senior level Employment type
Employment type
Full-time Job function
Job function
Information Technology Industries
Oil and Gas Referrals increase your chances of interviewing at Revel IT by 2x Inferred from the description for this job
Medical insurance Vision insurance 401(k) Student loan assistance Tuition assistance Get notified about new Risk Analyst jobs in
Columbus, Ohio Metropolitan Area . Lead Security Analyst, Policy Controls & Risk Remediation
Information Security Risk Analyst (FT,100%)-Days-HYBRID
Columbus, OH $100,000 - $120,000 4 days ago Healthcare Data Analyst - Two Positions (Health Services Policy Analyst)
Columbus, OH $70,000 - $140,000 1 month ago Columbus, OH $77,000 - $154,000 5 months ago Were unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr