As the Risk Expert at YPTO, you will be responsible for overseeing the organization's risk management process, providing guidance to the Risk team, and ensuring continuous improvement. Additionally, you will act as an authority in developing, implementing, and maintaining the risk management framework in alignment with academic theories, industry standards, and legal requirements. Your role will also involve promoting cybersecurity awareness and best practices within the organization.
Develop the Risk Management Process:
1. Develop a repeatable and quantitative risk management process based on academic theories, industry standards, and models.
2. Identify improvements to enhance the efficiency and consistency of the Risk Management Process through tooling.
3. Ensure prioritization and quality assurance of tasks within the Risk team.
4. Provide coaching and guidance to the Risk team as needed.
5. Assist in the selection of new team members with the requisite qualifications and skills.
Improve and Maintain the Risk Management Process:
1. Enhance and maintain the Risk team's capabilities and services.
2. Align the Risk Management Process with other YPTO Risk Management Programs.
3. Manage all aspects of the lifecycle management of capabilities and services, including designing, implementing KPIs/KRIs, documenting procedures, identifying and addressing operational and quality risks, and monitoring external suppliers.
4. Report to internal stakeholders on KPIs, planning, capacity, and quality.
Knowledge Transfer:
1. Collaborate with other leads of the GRC Team to enable synergies.
2. Assist colleagues within the CISO office and YPTO in understanding information security and risk management.
3. Mentor junior Risk security officers to facilitate their professional development.
#J-18808-Ljbffr