Senior Technology Risk Analyst

In this highly visible role, you will:

• Perform design and operating effectiveness testing of information security controls
• Execute periodic control testing across infrastructure, applications and cloud
• Develop and maintain control testing plans, test scripts, and evidence requirements
• Identify control gaps, assess risk impact, and recommend remediation actions
• Track remediation plans and closure of control deficiencies
• Prepare clear testing reports, executive summaries, and dashboards
• Communicate findings to senior management and risk committees

The ideal candidate for this position should have:

1. Strong experience in technical control testing and SOC reviews
2. Good understanding of core security concepts and network security
3. Candidates should be capable of reviewing technical teams including Security Engineering, Architects, Engineering teams.
4. Strong technical knowledge is required so they can ask the right set of technical and scoping questions during the assessments/review.
5. Experience in technical scoping, control validation and security assessments is important.
6. Strong communication skills are mandatory as the stakeholders and teams are primarily based in UK and US.

NICE Framework References

National Initiative for Cybersecurity Education (NICE) competency proficiency levels of advanced to expert in the following areas (recommended no more than 6):

Risk Management & Control Assessment

Security Control Validation and Assurance

Cybersecurity Governance & Compliance

Frameworks & Standards Management

Technical Security Assessment

Cyber Risk Reporting & Communication