Match score not available

Senior Analyst - Cybersecurity Risk Management

Remote: 
Full Remote
Contract: 
Salary: 
38 - 38K yearly
Experience: 
Senior (5-10 years)

Offer summary

Qualifications:

Bachelor’s degree in Computer Science or cybersecurity, Experience in cybersecurity risk management, Understanding of cybersecurity policies and standards, Experience with NIST and ISO/IEC frameworks, Ability to think strategically and innovatively.

Key responsabilities:

  • Establish and manage a cybersecurity risk management program
  • Identify, assess, and prioritize cybersecurity risks
  • Develop risk mitigation strategies and controls
  • Evaluate third-party cybersecurity risks
  • Present updates on cybersecurity risk posture to stakeholders
Fortrea logo
Fortrea XLarge https://fortrea.com/
10001 Employees
See more Fortrea offers

Job description

As a leading global contract research organization (CRO) with a passion for scientific rigor and decades of clinical development experience, Fortrea provides pharmaceutical, biotechnology, and medical device customers a wide range of clinical development, patient access, and technology solutions across more than 20 therapeutic areas. Conducting operations in more than 90 countries, Fortrea is transforming drug and device development for partners and patients across the globe.

As a Senior Analyst, Cybersecurity Risk Management you will help build, maintain, and manage Fortrea’ s cyber risk management program. You will play a pivotal role in enhancing the cyber risk management framework and mitigation of cyber risks across the organization. You will also get involved in third-party vendor risk assessments, collaborate with cross-functional teams, vendors, and work with offshore partners, oversee audits of third-party vendors.

Responsibilities include, but are not limited to:

  • Establish a cybersecurity risk management program designed to identify, report, and respond to cyber security risks in accordance with industry standards and frameworks, (NIST Cybersecurity Framework, NIST 800-37, ISO/IEC 27001) and regulations (SOX, GDPR, HIPAA)

  • Own and drive requirements for cybersecurity risk management tools.

  • Identify, assess, and prioritize cybersecurity risks, and potential impacts on the organizations assets and systems.

  • Develop and implement risk mitigation strategies and controls to reduce the organizations cyber risk.

  • Develop and maintain metrics, risk register, reporting and action plan.

  • Present regular reports on the organization’s cybersecurity risk posture to stakeholders.

  • Manage the cyber risk register and ensure alignment with enterprise risk management.

  • Align with enterprise risk management to manage the cyber risk register.

  • Stay updated on the latest changes in security trend, threats, and regulatory changes.

Third-party Cyber Security Risk Management:

  • Evaluate and assess cybersecurity risks associated with third-party suppliers and service providers to ensure they meet the organizations security standards.

  • Collaborate with cross-functional teams to develop and implement risk mitigation strategies and controls.

  • Develop and maintain documentation related to third party risk assessments and action plans.

Qualifications:

  • Bachelor’s degree in in Computer Science, cybersecurity, or related field

Experience:

  • Experience in cybersecurity risk management

  • Solid understanding of cybersecurity policies, standards, and controls

  • Experience and solid understanding of industry standards (NIST Cybersecurity Framework, NIST RMF and ISO/IEC 27001 etc.), and regulatory standards such as (HIPAA, SOX, GDPR, SOC2, PCI

  • etc.)

  • Experience with control testing and validation (e.g. NIST 800-53 etc.)

  • Experience developing cybersecurity metrics and reporting involving various areas and stakeholders

  • Experience with implementing risk management processes, risk register within enterprise GRC management platforms (e.g., ServiceNow, OneTrust)

  • Ability to think strategically, innovatively, and execute effectively

  • Proven experience in collaborating across various IT and business domains

Preferred Qualifications Include:

  • CISSP or CRISC or similar preferred or willingness to achieve certification

  • Experience working in a health authority regulated environment

  • Experience leading or working with offshore team

#LI-Remote

#FutureofTech

#LI-SK2

Fortrea is actively seeking motivated problem-solvers and creative thinkers who share our passion for overcoming barriers in clinical trials. Our unwavering commitment is to revolutionize the development process, ensuring the swift delivery of life-changing ideas and therapies to patients in need. Join our exceptional team and embrace a collaborative workspace where personal growth is nurtured, enabling you to make a meaningful global impact. For more information about Fortrea, visit www.fortrea.com.

Fortrea is proud to be an Equal Opportunity Employer:


As an EOE/AA employer, Fortrea strives for diversity and inclusion in the workforce and does not tolerate harassment or discrimination of any kind. We make employment decisions based on the needs of our business and the qualifications of the individual and do not discriminate based upon race, religion, color, national origin, gender (including pregnancy or other medical conditions/needs), family or parental status, marital, civil union or domestic partnership status, sexual orientation, gender identity, gender expression, personal appearance, age, veteran status, disability, genetic information, or any other legally protected characteristic. We encourage all to apply.

For more information about how we collect and store your personal data, please see our Privacy Statement

Required profile

Experience

Level of experience: Senior (5-10 years)
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Collaboration
  • Analytical Thinking
  • Strategic Thinking
  • Verbal Communication Skills

Cybersecurity Analyst Related jobs