Analyst for Technology and Cyber Risk

at  WSP Sverige

About WSP
WSP is one of the world’s leading engineering and professional services firms. Our 67,000 trusted professionals are united by the common purpose — to create positive, long-lasting impacts on the communities we serve through a culture of innovation, integrity, and inclusion.
IT Risk Analyst (flexible location)
WSP’s Information Security Office (ISO) is responsible for the deployment and maintenance of the information security framework for both the IT organization and wider business community. This includes the Governance mechanisms, policies and processes, tools and technologies, and employee training required to protect WSP information and that of our clients.
To run our global Technology &Cyber Risk Management process, we are seeking 2 IT Risk Analysts. This role will report to the Senior Manager for Technology and Cyber Risk.
As a Risk Analyst, you will be supporting the Technology &Cyber Risk Manager in running IT risk management process. You will work closely with IT teams to manage technology-related risks and foster relationships. This role requires good analytical, excellent organizational skills and the ability to work effectively in a diverse, global environment. You will need to be able to prioritize tasks and manage your time effectively.

LEARN MORE & HOW TO APPLY

Location - This position can be located at any of our WSP offices Globally.
Nordic locations can be our WSP offices in Sweden, Finland, Denmark or Norway.
Apply through this ad or contact Sr tech recruiter Nordics Henrik.Jansson@wsp.com if you are interested in learning more about the Nordic positions/locations.
We are looking forward to your application!
Last application date 2023-04-2

• Support the implementation of a comprehensive and effective IT risk management practice across the WSP global IT organisation. This should include facilitating the identification of potential IT risks, the evaluation of their impact, the formulation of strategies to mitigate these risks, and the tracking of their mitigation and/or acceptance. Assist the Security Risk Manager in conducting regular monitoring and review of the IT risk management process to ensure its effectiveness and alignment to the organization’s risk appetite and business objectives.
• Facilitate delivery of IT risk management training within the IT community and support establishing a culture of risk-aware decision-making, accountability, and a commitment to maintaining an effective control environment.
• Analyze and process data related to risks, issues and deficiencies to identify patterns and trends.
• Create visualizations and reports that communicate the insights gained from the data.
• Understand and assimilate rapidly technology, and risk management concepts and dependencies.
• Be a subject matter expert in relation to the management of the Integrated Risk Management Platform (Service-Now IRM). This includes entities, risk statements and controls management.
• Be the central point of contact for all support related to the Risk platform.
• Proactive and display independence and autonomy in performing the role.
  Requirements:

About you:

• 3 to 5 years related experience in Information Technology, experience in Security is a plus.
• A degree in information technology, or related field.
• Experience working in large/global enterprise IT is a plus.
• Knowledge of technology (applications, network, etc)
• Experience with IT Governance frameworks such as ISO 27001
• Experience with governance, compliance, and audit within IT environments
• Limited travelling may be required.

Due to the nature of this role, you may need to work outside of standard business hours occasionally.

Preferred

• Knowledge of Service-Now Integrated Risk Management platform (IRM)
• Professional certification is a plus, in one or more of the following disciplines — IT governance (e.g., CGEIT), security (e.g., CISSP, CISM), internal audit (CISA) or Payment Card Industry (PCI)