Cyber Risk and Compliance Tool AdministratorIT Risk Analyst

Job Title: Cyber Risk and Compliance Tool Administrator/IT Risk Analyst

Location: Cincinnati OH/Boca Raton FL/Charlotte NC/Portland OR/Chicago IL/San Jose CA (Need locals)

Duration: 6 months Contract

Required Skills: Risk Management NIST GRC

The Cyber Risk and Compliance Tool Administrator / IT Risk Analyst plays a critical role in maintaining and enhancing the IT risk management practice at the Client. This individual will not only perform and manage assessments of potential cyber risk exposures and prepare actionable risk reporting but also assist in the administration of Governance Risk and Compliance (GRC) tools such as Archer ServiceNow and MetricStream. The analyst is responsible for ensuring that the GRC platform is effectively configured customized and utilized to support Clients cyber risk management processes.

By cultivating strong working relationships with leaders across the enterprise the Cyber Risk and Compliance Tool Administrator / IT Risk Analyst will conduct evaluations of the cyber risk posture and advise on strategies to reduce risk in line with established risk appetites. The role demands strategic thinking intellectual curiosity and the ability to operate in undefined problem spaces shaping and refining the risk program with both autonomy and empowerment from senior leadership.

Top Must Haves:

• Risk management experience: previous experience working with and reviewing cyber risk assessments.
• Familiarity with cyber security frameworks such as NISTCSF.
• Deep experience with GRC tools (administrative power user user) and their application in cyber risk management.
• Proficiency in administering and customizing GRC platforms like Archer ServiceNow and MetricStream.

Requirements:

• Prefer 510 years experience in governance risk and compliance
• Job field related certification(s) CISSP/CISA/CRISC (preferred but not required)
• Previous experience as a compliance analyst in a related field.
• Indepth knowledge of industry compliance requirements and standards.
• Proficiency in compliance management software Archer ServiceNow MetricStream etc.
• Ability to accurately complete applications for compliance certification.
• Ability to effectively train employees.
• Exceptional communication and interpersonal skills.
• Understanding of regulatory frameworks
• Requirements analysis
• Ability to develop standards to maintain legal compliance
• Quality management
• Critical thinking and problemsolving skills
• Organization project management and strategic planning skills
• Familiarity with process improvement methodology
• Attention to detail
• Ability to embrace complexity.
• Demonstrated expertise in configuring customizing and managing GRC platforms such as Archer ServiceNow MetricStream etc. to support cyber risk management activities.
• Experience in automating cyber risk management tasks within GRC tools to enhance efficiency and accuracy.
• Capability to develop and maintain documentation for GRC tool usage including administration guides user training materials and standard operating procedures.
• Skill in integrating GRC tools with other IT systems to provide a holistic view of the organizations risk posture.
• Ability to oversee user access management within GRC platforms ensuring appropriate roles and permissions are aligned with segregation of duties.
• Proficiency in generating and interpreting reports and dashboards within GRC platforms to inform cyber risk management decisions.