Remote - US - Remote - US - United States of America
Job Summary
The Business Information Security Office (BISO) Cyber Security Risk Analyst is a member of the Business Information Security Office within Global Cyber Security and works closely with the global lines of business, the Digital & Technology (D&T) Solutions & Delivery teams, and other D&T teams.
Essential Roles And Responsibilities
Interfaces with the client for RFPs, inquiries, and client security audit reviews.
Understands and communicates policies and standards for inquiries internally and externally.
Maintains client relationship by responding to client security-related inquiries and documenting actions.
Prepares for client inquiries by studying our products, services, and client service processes.
Responds to client inquiries by understanding inquiry; reviewing previous inquiries and responses; gathering and researching information; assembling and forwarding information; verifying client’s understanding of information and answer.
Manages, prepares, and dispatches client security support requests.
Records client inquiries by documenting inquiry and response in clients’ accounts.
Improves quality service by recommending improved processes and identifying new client security requirements from clients.
Updates job knowledge by participating in educational opportunities.
Accomplishes client service and organization mission by completing related results as needed.
Actively supports the execution of the GCSO program and other plans developed by the Business or as applicable.
Strong working knowledge related to cyber security governance, controls, and effective monitoring is a plus.
Awareness & Training
Facilitates awareness and training programs as needed based on issue/risk trends.
Promotes awareness of current policies and standards, as well as revisions and developments; provide consistent interpretation of policy to business unit.
Di stributes information security awareness materials and publications appropriately within the business.
Relationship Management
B uilds relationships and engage frequently with business leaders and client account teams.
Frequently interact with, and educate, business leads and their Senior Management team on current issues and overall status of the global cyber security program.
Help drive cyber security best practices between organizations and countries.
Identify key business contacts to ensure adequate coverage for the business’ security program.
Maintain a positive relationship with client auditors.
Qualifications
Previous in-depth experience in technology including information security governance, risk or compliance. Experience giving presentations and superb communication skills
Education And Experience
Bachelor's and/or Master’s degree in Computer Science, Information Technology or related field. 1+ years of risk management experience or direct participation in risk management processes, including application risk classification and application control assessments.
Preferred Skills
Client-facing experience in sales, sales support, or service delivery.
Subject matter experience in application security (security by design), vulnerability testing, identity management, and incident response with deep experience in software engineering/development.
Knowledge and familiarity in using ServiceNow for Request Management and GRC Management.
CISSP or CISM (or equivalent)
EQUAL OPPORTUNITIES
We are an equal opportunities employer and do not discriminate on the grounds of gender, sexual orientation, marital or civil partner status, pregnancy or maternity, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.
CBRE is an equal opportunity/affirmative action employer with a long-standing commitment to providing equal employment opportunity to all qualified applicants regardless of race, color, religion, national origin, sex, sexual orientation, gender identity, pregnancy, age, citizenship, marital status, disability, veteran status, political belief, or any other basis protected by applicable law.
NOTE: An additional requirement for this role is the ability to comply with COVID-19 health and safety protocols, including COVID-19 vaccination proof and/or rigorous testing.
Service line: Corporate Segment
Note From The Remote JobHunters: