Risk Assessment Analyst
All the relevant skills, qualifications and experience that a successful applicant will need are listed in the following description.
As a Risk Assessment Analyst, you will be involved in the company's transformation program aimed at compliance with the NIS2 directivae, supporting the governance, risk management and operational teams.
You will contribute to the realization of cybersecurity risk analyses on the entities, systems and major components of the company, by applying the methodologies, frameworks and standards defined by cybersecurity governance.
Your role is to collect, structure and analyse the information necessary for risk assessment, in order to provide a reliable and actionable basis for treatment and prioritisation decisions.
You will work under the coordination of the Cybersecurity Risk Manager and in close interaction with the technical, business and project teams, ensuring the consistency, traceability and quality of the analyses produced.
Your contribution is essential to the maturity of the risk management system and to the demonstration of NIS2 compliance.
Shape
YOUR MISSIONS
participate in the performance of risk assessments on the company's critical entities, processes, systems and assets;
collect and consolidate the information necessary for analysis (scopes, assets, flows, threats, existing controls) in conjunction with the teams concerned;
apply the defined risk analysis methodologies (qualification of impacts, estimation of likelihood, assessment of residual risks);
Contribute to the updating and maintenance of the cybersecurity risk register ;
document the findings, assumptions and results of analyses in a structured manner;
Identify deviations from NIS2 requirements and internal security frameworks.
prepare the deliverables to support the decision: summaries of analyses, risk tables, elements of justification;
Contribute to the production of evidence necessary for NIS2 audits, compliance reviews and controls.
Work collaboratively with technical and project teams to ensure a good understanding of the operational context of the risks being analyzed.
Shape
YOUR PROFILE
you have a bachelor's or master's degree in computer science, cybersecurity, risk management or a related field;
You have a first experience or a strong interest in risk management, compliance or cybersecurity ;
You have a basic understanding of IT environments (systems, networks, applications, services) and their security challenges.
You are comfortable with analyzing, structuring and documenting complex information. xphnsxz
you are methodical, rigorous and attentive to the consistency and quality of the deliverables;
You know how to work within a defined framework, while demonstrating curiosity and analytical skills;
You communicate clearly and constructively with technical and non-technical contacts.