About Thermo Fisher Scientific
Thermo Fisher Scientific Inc. (NYSE: TMO) is the world leader in serving science, with revenues of more than $20 billion and approximately 65,000 employees globally. Our mission is to enable our customers to make the world healthier, cleaner and safer. We help our customers accelerate life sciences research, solve complex analytical challenges, improve patient diagnostics, deliver medicines to market and increase laboratory productivity. Through our premier brands - Thermo Scientific, Applied Biosystems, Invitrogen, Fisher Scientific and Unity Lab Services - we offer an unmatched combination of innovative technologies, purchasing convenience and comprehensive services.
The Associate Risk Analyst, Assessments and Authorizations has global responsibility for supporting IT Risk Management. The team is responsible for evaluating IT security risk and ensuring compliance with corporate policies as well as external standards and regulations. The associate risk analyst will perform risk assessments/analysis; ongoing data gathering, analysis, identification and reporting; metrics; and overall risk register/management, as well as support ongoing security/IT and/or business projects.
- Support A&A team operational activities by performing and assisting with risk assessments and analysis.
- Maintain the risk assessment workflow and ensure all tickets are actioned according to team procedures.
- Monitor and maintain policies, processes and procedures required for the general operation of the Assessments and Authorizations (A&A) Program.
- Identify, collect and mine data required for various facets of the A&A team (e.g. risk register, CMDB, metrics and reports)
- Gather and store evidence in accordance with corporate standards to ensure programs can prove and track compliance.
- Collaborate with team to assist in developing and maintaining tools and processes for Governance, Risk & Compliance (GRC) program to help provide visibility into and across all systems, applications, and projects globally to aid in risk and compliance measurement across the organization.
- Perform other duties as assigned.
- Bachelor’s degree in Computer Science, IT Information Systems, Security Compliance, Risk Management or Information Security & Assurance. Equivalent work experience acceptable.
- 2+ years IT systems infrastructure, security or equivalent technical work is highly preferred.
- Strong interpersonal, organizational, presentation, and excellent documentation skills are a must.
- Excellent customer service skills required.
- Excellent verbal and written communication skills and the ability to interact professionally with a diverse group of executives, managers, and subject matter experts.
- Relevant security certifications such as CRISC or CISA are a plus
- High level knowledge of ISO 27001 and NIST 800-30
- Strong attention to detail and organizational acumen
- Proven ability to handle conflict and adversity with confidence and integrity
- Willingness to become an expert in the realm of risk management and information security