Technology and Cyber Risk Management Analyst

WTW Information & Cyber Security (ICS) Risk Management team requires a Technology and Cyber Risk Analyst to support the team in the identification, assessment, treatment, and overall management of technology risks facing WTW (including risk analysis, reporting and risk assessments). 

The Role: 

This role will support the ongoing operations of the ICS risk management team:

• Gather data from various sources of information and perform analysis to support the risk identification process in support of identification of potential systemic risks.
• Perform analysis of threat intelligence data to support related decision making/analysis.
• Develop continuous data feed process to support risk assessments.
• Support the risk reporting process through generation of required content.
• Organise and maintain the operation processes to support team members in the risk management lifecycle.
• Support technology and cyber risk team in continuous improvement activities.
• Working closely with our WTW Enterprise Risk Management (ERM) partners to ensure alignment to ERM processes.
• Perform quality assurance over risk register in GRC tool to ensure all fields are completed.
• Maintain Technology and Cyber Risk and Controls Framework and any supporting procedures and training materials. 

The Requirements: 

Skills:

• Knowledge and experience of Governance, Risk and Controls framework and related processes.
• Understanding of 3 lines of defense model 
• Experience of implementations using Agile approach and practices.
• Experience of technology and cyber risk and issue management.
• Experience and thorough understanding of technology and cyber controls.
• Knowledge of GRC tool such as Riskonnect.
• Detail-oriented and capable of delivering at a high level of accuracy.
• Experience of analysing reporting submissions for completeness and accuracy and addressing areas of concern with contributors.
• Proven ability to prioritise conflicting deadlines and priorities and respond quickly to changing priorities
• Able to interpret & present data and information in the appropriate format for different audiences.
• Knowledge and understanding of Information Security Frameworks and standards (FFIEC, NIST, ISO etc.)
• Ability to work as part of a team or solo.
• Excellent Communication skills, especially written English
• Strong stakeholder management
• The ability to foster and grow relationships, constructive challenge and negotiation skills.
• Experience of working in a live operational environment with an understanding of the impact of policy adherence is desirable.

Qualifications:

• Educated to degree level or equivalent. 
• Hold professional qualifications in a related subject for example, CRISC, CISSP, CISM, CISA
• experience in technology role (with proven experience of active management of technology risks (for example, in projects, technical SME areas etc.). 
• Experience of working within a global financial organization

Behaviors:

• Resourcefulness and organizational agility
• Global team player with good interpersonal and influencing skills.
• Conflict management resolution (options analysis)
• Customer focus, integrity and trust
• Personal learning & development

Equal Opportunity Employer

At WTW, we believe difference makes us stronger. We want our workforce to reflect the different and varied markets we operate in and to build a culture of inclusivity that makes colleagues feel welcome, valued and empowered to bring their whole selves to work every day. We are an equal opportunity employer committed to fostering an inclusive work environment throughout our organization. We embrace all types of diversity.

At WTW, we trust you to know your work and the people, tools and environment you need to be successful. The majority of our colleagues work in a ”hybrid” style, with a mix of remote, in-person and in-office interactions dependent on the needs of the team, role and clients. Our flexibility is rooted in trust and “hybrid” is not a one-size-fits-all solution.