CYBER RISK ANALYST

at  3Pro Solutions Pte Ltd

EDUCATION:

• Minimum a Diploma in Business Information Technology/Cyber Security/Network Defense from recognized academic institutions

TECHNICAL SKILLS AND EXPERIENCE:

• 2+ years’ experience in governance, risk, and compliance and/or information security or audit
• Expertise in complex business processes and technological risks
• Deep understanding of security technologies, including firewalls, proxies, SIEM, IDPs, and antivirus software
• Knowledge of penetration testing, network security, and common techniques to expose and correct security flaws
• Advanced understanding of third-party risk management
• Prior experience with third-party GRC and vendor management platforms
• Superior verbal and written communication skills with technical and non-technical audiences at all organizational levels
• Passion and dedication to improving security and compliance maturity in a significant way

SOFT SKILLS

• Excellent communication and interpersonal skills
• Strong analytical and problem-solving skills
• Critical thinking and decision-making skills.

BELOW IS A BRIEF JD OUTLINING THE DAY-TO-DAY TASKS:

• Collaborate with business and IT executives to identify and enhance existing security control processes.
• Identifying potential causes of data and security breaches to prepare security plans.
• Administer audit and security governance, risk, and compliance (GRC) tools, such as UltraHeals.
• Maintain knowledge of key security controls and enhance IT controls and policies accordingly.
• Manage and maintain the controls of the IT audit program for ISMS (ISO 27001:2022) and DPTM requirements.
• Preparing team members and necessary materials for audit meetings (e.g., control design walkthroughs), follow-up requests, and testing
• Review auditor requests to ensure they are appropriately scoped and reasonable, and review the completeness and accuracy of audit evidence and materials provided by internal team members before auditor submission.
• Work with the business team to ensure team members are accountable for completing audit assignments on time with the appropriate priority level, thoroughness, and accuracy according to documented procedures.
• Identify and rank the inventory of third parties that pose a risk to the organization.
• Preparing intelligence information for stakeholders through technical reports and briefings.
• Collect the security and auditing information from third parties, analyze it, and recommend its implementation as a control.
• Contribute to the design, creation, and maintenance of risk-based metrics
• Independently lead projects, coordinating efforts with all team members, and ensuring proper management communication and project success through the completion
• Monitoring any possible threats of cyber attacks regularly using the UltraHeals Tool.
• Identifying best practices and staying up to date with emerging cyber threats.
  Key Requirements