100% Remote:: IT Risk Analyst-Pharma Domain

Role : IT Risk AnalystLocation : Cambridge, MA / Raleigh, NC /Remote (MUST WORK ON EST TIME ZONE - 8 AM to 5 PM EST)Note:-

• Preference is for candidate with exp with life sciences (pharmaceutical) background
• Minimum need is for 10+ years profiles.
• Must have Experience building Dashboards and familiarity with Tableau/ Power BI/Advanced Excel. knowledge of using scripts to build dashboards is highly desirable
• Need confirmation from candidate that candidate is willing to work on EST Time Zone - 8 AM to 5 PM EST and be based physically in one of the 50 states in the US.

• Help the IT Risk Management Lead build a process and culture of proactive risk identification by monitoring the IT control environment for changes and emerging risks, to inform business unit and functional group leadership of the top security/compliance risks, overall security health of their organizations and advise on risk treatment
• Develop and maintain collaborative relationships with IT business partners, IT leadership, Control Owners and Internal Audit stakeholders
• Deliver Metrics and Dashboards relevant to IT risk
• Provide training, lessons learned, and best practices guidance to IT leadership and IT personnel (e.g., system owners) to improve IT risk management
• Facilitate documentation and maintenance of IT risk processes and support documentation of security controls and relevant processes
• Promote and support an approved risk management, governance and compliance strategy and plan that supports the achievement of the Global Information Technology Strategy

• A minimum of eight years of related work experience in IT enterprise risk management (conducting risk assessments and providing risk analysis), and/or IT operations, governance, audit and compliance with required knowledge, skills, and abilities
• Technical aptitude and understanding of IT systems and their connection to data collection and processing:
  • Knowledge of the following areas: networking, cloud computing, vulnerability management, Identity and Access Management tools, Active Directory, Privileged Access Management, Multifactor Authentication and Single Sign-On concepts, baselines, security monitoring, change management, asset management, incident response, SDLC, encryption, etc.
• Direct experience building, maintaining and operationalizing IT risk metrics.
• Must have Experience building Dashboards and familiarity with Tableau/ Power BI/Advanced Excel. knowledge of using scripts to build dashboards is highly desirable
• Keenly developed business partnering and collaboration skills, adept at establishing and sustaining effective working relationships, both within and between departments.
• Ability to operate effectively in a matrixed environment: Building and managing peer and management-level relationships through achievement of results, accountable to schedule, and allocation of resources and meeting customer needs.
• Solution and results oriented. Strong analytical and problem-solving skills
• Excellent people skills, a team player; strong interpersonal and collaborative skills.
• Excellent written and verbal communication skills including the ability to effectively communicate security- and risk-related concepts to technical and nontechnical audiences
• Strong skills as a negotiator, to facilitate commitment to, and sign-off on, appropriate levels of residual risk from line-of-business managers
• High level of personal integrity, with the ability to handle confidential and otherwise sensitive matters professionally and with the appropriate level of judgment and maturity
• High degree of initiative, dependability, and ability to work with little supervision

• 8+ years of experience in IT risk management or a related discipline (for example, IT risk, IT security operations, governance, audit or compliance)
• Industry certifications relating to risk management and security are highly desired (for example, Certified Risk and Information Systems Control (CRISC), Certified Information Systems Auditor [CISA], Certified Information Systems Security Professional [CISSP]).