T&DS - IT Risk Analyst

Forvis Mazars is a leader in audit, tax and advisory services, operating worldwide across 100+ countries and territories. Join our 40,000+ strong team to grow your career through global opportunities, diverse projects and continuous learning. Belong to a supportive environment where your unique perspective is valued and success comes from working together. Impact with your bold ideas and help drive us forward.

The Technology & digital solutions (T&DS) is leading Forvis Mazars digital transformation. We aim at providing Forvis Mazars professionals with a seamless digital experience allowing greater collaboration worldwide in a safe environment. As a result, they’ll be empowered to deliver more value to clients every day.

To reach these goals, T&DS transformation programme aims at consolidating the IT operations from a multi-local model spread across 100+ countries into a global model. This includes the infrastructure and the operating model needed to support the business, people and clients now and in the future.

The success of this change relies on the great expertise and relentless engagement of every member of the team. This is a great moment to join the Technology & digital solutionsorganisation and be part of the delivery of this major transformation over the coming years!

The experienced Risk Analyst will report to the head of GRCand will support the GRC team in identifying, assessing, and mitigating risks across the organisation. This role is crucial for maintaining the security and resilience of our information systems.

• Assist in conducting security assessments and risk analyses.
• Support the development and maintenance of risk management policies and procedures.
• Help in the preparation and updating of risk registers and asset registers.
• Regular review of risks.
• Implementation of risk treatment actions.
• Collaborate with various departments to ensure compliance with global security policies.
• Participate in the continuous improvement of the Information Security Management System (ISMS) by designing and implementing effective metrics.
• Maintain documentation and records related to risk management activities.
• Communicate on the progress of risk management activities and the overall level of security.

• 3-5 years of experience in information security and risk management.
• Certifiedon ISO27001 / 27005 and other relevant security frameworks.
• Good knowledge of Cyber and cloud security standard frameworks, architecture & design.
• Good knowledge of Compliance frameworks, such as SOC 2, NIST.
• Cloud environments : M365, Microsoft Azure, SaaS Services.
• Strong analytical and problem-solving skills.
• Excellent interpersonal and communication skills.
• Fluent in English; other languages are a plus.
• Ability to work collaboratively in a team environment.
• Attention to detail and a methodical approach to work.

Hybrid work 50%