- Entry level
- No Education
- Salary to negotiate
- Fort Collins
The HP Cybersecurity Sr. Risk Assessor is responsible for end-to-end cyber security risk management, including risk identification, analysis and evaluation, identifying remediation requirements, and tracking associated risks. Assessment targets include third parties as well as internal business assets. In addition to conducting the risk assessment, the Sr. Risk Assessor drives continual process and tool improvements. The position reports to the Cybersecurity Risk Manager and works closely with teams across Cybersecurity, IT, Privacy, Legal, Procurement, and Businesses to help protect HP’s assets.
- Ensure timely execution of assigned risk assessments.
- Identify issues and root causes including oversight and facilitation risk mitigation plans in alignment with HP Policy & Standards
- Partner with management stakeholders (including at minimum: Business Units, Supply Chain, IT, Enterprise Risk Management, Procurement) to effectively drive effective, proactive risk management.
- Prepare and present risk management reports, scorecards, and briefings as required
- Review key metrics and overall performance with internal stakeholders and third parties
- Support internal & external audit readiness
- Monitor regulatory changes, corporate updates, and geo-political changes and ensure HP cyber security compliance
- Support the development and implementation of HP Policy, standards, guidelines, tools, and documentation for consistent execution of risk management activities
- Drive development, implementation and integration/automation of risk management tools and processes
- Bachelor's Degree in Information Security, Cyber Security, or related
- 6 years cyber security experience
- Demonstrated experience conducting risk assessments, including internal information assurance and third party providers
- Experience analyzing SOC reports, application testing reports, SAQ’s
- Experience with risk management frameworks, methodologies and tool
- Strong governance, risk & compliance background
- Understanding of ISO 27001/27002/27005, NIST Cybersecurity Framework, PCI DSS, COBIT, and ITIL frameworks, SOC reports, OWASP, pen testing.
- Experience utilize API’s to enable integration/automation across tools
- Experience developing workflows
- Experience with PowerBI to create reports and dashboards
- Experience with data analytics tools
- CRISC certification required; CISSP highly desirable; CISA, CISM desirable
- Excellent interpersonal, written, and oral communication skills.
- Ability to work in a team as well as independently in a fast-paced, multi-tasking, global environment.
- Excellent prioritization and multitasking capabilities.
- Highly motivated self-starter who demonstrates initiative.
Responsibilities may vary over time and include, but are not limited to, those listed.
About the company
The Hewlett-Packard Company (HP) is an American global information technology company headquartered in Palo Alto, California, United States. It develops and provides a wide variety of hardware components as well as software and related services to consumers, small- and medium-sized businesses (SMBs) and large enterprises, including customers in the government, health and education sectors.