Global Cybersecurity Risk Analyst

The Global Cybersecurity Risk Analyst candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include:

• Assist with focused information risk assessments of existing or new services and technologies, along with business counterparts.

• Communicates risk assessment findings to team owners and custodians of information risk "business partners," or information governance teams and information security teams.

• Provides consultative advice to information governance or security teams that enables them to suggest informed risk management decisions.

• Helps to identify and facilitate the implementation of appropriate controls to effectively manage information risks as needed.

• Helping to identify opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.

• Able to coordinate other risk management activities (e.g., Exception Management Process, Vulnerabilities Management, etc., with relevant stakeholders.

• Experience in coordinating and executing vendor risk management lifecycle (frameworks, policies, and processes), including performing detailed risk-based assessments and responding to external customers security assessments.

• Experience in reviewing contractual agreements' (Master Service Agreements) Cybersecurity requirements and making relevant inputs as required with key stakeholders (e.g., Legal,).

• Understands and applies relevant regulatory and legal compliance requirements

Requirements

A successful Global Cybersecurity Risk Analyst candidate will have the expertise and skills described below.

Education, Training and Previous Experience

Candidates will be evaluated primarily on their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:

• BS or MA in Business, Computer Science, Information Security, or a related field

• [2+] years of work experience in information security, especially in an information senior cybersecurity risk role

• [2+] years of experience in managing risk and compliance issues, or similar experience managing applications, projects or systems that require identification, evaluation, and remediation of risk

• Technical background or demonstrable understanding of a range of operational and IT risks and operations

• Strong business background; experience gathering and interpreting risks and associated impacts in the context of financial and operational concerns

• Strong understanding of complex vendor risk-related issues through demonstrated experience managing vendor relationships, information security or regulatory compliance programs, and audits

• [4+] years of experience with regulatory compliance and information security management frameworks (e.g., International Organization for Standardization [IS0] 27000, COBIT, National Institute of Standards and Technology [NIST] 800)

ManpowerGroup is committed to providing equal employment opportunities in a professional, high quality work environment. It is the policy of ManpowerGroup and all of its subsidiaries to recruit, train, promote, transfer, pay and take all employment actions without regard to an employee's race, color, national origin, ancestry, sex, sexual orientation, gender identity, genetic information, religion, age, disability, protected veteran status, or any other basis protected by applicable law.