Essential Functions (Responsibilities):
The IT Risk Analyst/PM will support the following key activities:
- Perform IT and application risk assessments
- Identify and evaluate the design of risks and controls
- Prepare compliance reports and status reports, identify issues and escalate through proper governance channels as needed
- Collaborate with others within IT and the business to ensure risk assessments are performed efficiently and effectively
- Set priorities in correcting problems holding up completion of risk assessments and tracking them until resolution
- Responsibility for all IT deliverables for the projects under their purview.
- Subject Matter Expert in one or more of the following domains: Data Privacy, System & Data Classification, 3rd Party Security, Security Architecture, and Data Protection
- Ensure all IT requirements are delivered on behalf of projects.
- These include, but are not limited to; new vendor assessments, application classifications, data and system classifications, application security reviews, IT security control implementation, evidentiary testing documentation, knowledge transfer to control owners, and final risk assessment approval
- 5+ years of experience in IT Compliance, IT Risk Management, and/or IT Audit
- BS in Management Information Systems, Computer Science, and/or other applicable Information Technology disciplines
- Understanding of industry security standards, guidelines and regulatory/compliance requirements related to information security such as ISO 27001, ISO 27018, NIST 800-53, PCI DSS, SOC2, HIPAA, PCI, SOX, GLBA, etc, is required
- Understanding of GDPR and EU data privacy regulations
- Able to lead multiple projects with competing priorities and deadlines
- Project Management Professional (PMP) certification
- Previous experience participating in the execution of complex projects in challenging environments
- CISSP, CRISC, CISM, CISA, CIPP or similar certifications
- Ability to work under pressure and adhere to sometimes strict and/or tight deadlines
- Excellent communication, organizational and time management skills with ability to manage multiple priorities and meet deadlines
Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.