Assignment Description

We are currently seeking an Implementor for Information Risk Management for our client.

The role focuses on the implementation of Information Security Risk Management (IRM) and the Digital Risk Intelligence Framework, in collaboration with business and IT stakeholders. The position involves aligning the IRM with other risk practices at our client and with Enterprise Risk Management based on ISO 31000 and COSO frameworks. You will plan and provide requirements for integrating IRM into the future supporting platform, based on ServiceNow. The work also includes identifying business-critical processes and supporting digital landscapes, ensuring a risk-centric approach in the design and implementation of new and enhanced functionalities. You will assign relevant risk treatment plans and define risk owner responsibilities. Additionally, the role involves aligning with IT service/portfolio management and application service/portfolio management to ensure that execution and risk management are conducted according to business-critical assessments and security evaluations for the environments.

Main Responsibilities:

• Collaborate with multiple entities across the client’s distributed and complex landscape, including sales and marketing organizations, manufacturing and distribution supply chains, independent business units, and emerging business models.
• Work as part of a global organization, engaging with multiple stakeholders and domains within the client’s community.
• Evaluate and deliver suitable functional outcomes in the area of Threat and Risk Intelligence to provide better risk insights for decisions that reduce threat and risk exposures to the client’s business.
• Collaborate closely with Threat and Security Managers, Solution Architects, Service/Product Owners, and other colleagues at the client.

Required Qualifications:

• 10+ years of documented experience in IT.
• 8+ years of documented experience in Risk/Information Security.
• Strong knowledge of risk and threat frameworks.
• Extensive experience in implementing risk management in large global organizations.
• Knowledge of regulatory requirements, such as ITAR, TISAX, ISO 31000, ISO 27001, NIST 800, and COSO ERM.
• Relevant professional certifications, such as CRISK/CREST, are advantageous.
• Senior-level Security Consultant with transformational experience in implementing risk intelligence and risk management for global organizations.

Desired Attributes:

• A holistic and functional mindset regarding security risk and threat frameworks.
• Significant experience in implementing solutions designed to provide actionable risk insights to protect business operations and the client’s brand.
• Excellent written and verbal communication skills in English.