IT Governance and Risk Management Analyst I

Requisition Number:  11852
Company:  Westinghouse Electric Co

Krakow, MA, PL, N/A

The IT Governance & Risk Management Analyst I assist management with development and execution of the Information Technology governance, risk assessment and security awareness programs and projects. 


Duties and Responsibilities:

  • Support the continued operation of the IT Governance and Risk Management programs and processes, including the performance of third-party risk assessments in accordance with published policies, processes, and procedures. 
  • Maintain awareness of and competency in the NIST Risk Management Framework, NIST Cybersecurity Framework, and evolving methodologies around security awareness and training.
  • Document risk assessments including findings and recommendations.
  • Maintain information systems assurance materials for efforts relating to the third-party risk management.
  • Report on the status IT governance and risk management activities.
  • Maintain program alignment to internal/external compliance requirements and identified gaps.
  • Support local, regional, and global Information Security Awareness Program engagements and events.
  • Support the IT Governance and Risk Management program as directed by management. 


Education and Qualifications:

  • Minimum of 1 year of IT work experience.
  • Capable of managing assignments and work with general supervision.
  • Strong communication skills working within group and within Information Technology.
  • Practical fundamental knowledge of IT and rudimentary Information Security principles and techniques, business unit products and services, industry standards, and government regulations preferred. 

Employment opportunities may require access to information which is subject to the export control regulations of the United States. Hiring decisions for such positions are required by law to be made in compliance with these regulations. Applicants for employment opportunities in other countries must be able to meet the comparable export control requirements of that country and of the United States.


Job Segment: Information Systems, Network, Information Security, Manager, Technology, Management