Senior Quantitative Risk Analyst

Organization

Walmart

Location

Bentonville, AR

Description

Walmart InfoSec is looking for a talented and driven person ready to join our Tactical Risk Analysis (TRA) team as a senior risk analyst (SRA). The SRA's primary duties are to perform risk assessments and analyses using defined processes and tools. The SRA works with, and calibrates, subject matter experts (SME) to produce standard and customized analysis and reports. The SRA is well-versed in basic statistical risk and decision modeling techniques, and is able to interpret output for stakeholders. The SRA is expected to have a strong understanding of risk response options, including technical and nontechnical asset-level, variance, and decision-making controls. In this role, you will provide measurable risk response options to decision-makers reflecting a measurable effect on risk exposure using techniques such as return on security investment (ROSI). The incumbent must be able to employ risk and decision modeling techniques (primarily FAIR) sufficient to connect mathematically-modeled results to real-world actions that could be taken.
To be successful in this role, you will need to engage a wide range of technical and nontechnical SMEs and stakeholders throughout the enterprise. This role requires a blend of technical and interpersonal skills as you consult with risk analysts, technical experts, and analysis requesters to produce valuable, defensible, and actionable response analysis. You will be required to interpret quantified risk output and the related response options for a wide variety of stakeholders. The SRA will be expected to fully understand how tactical cybersecurity risk fits into the broader Walmart risk landscape.

You will be expected to demonstrate:
* A solid ability to execute defined processes for assessing and analyzing cybersecurity risk
* A solid understanding of basic analytical and statistical risk analysis methods
* A broad understanding of IT and IT-related risk factors
* A working knowledge of key information assurance principles and methods
* The ability to guide subject matter experts in providing calibrated estimates for relevant risk factors
* Expertise in the various control types, including technical and nontechnical options
* Experience assessing and advising on risk response options

Minimum Qualifications
Experience or coursework in one or more of the following subjects: statistics, economics, analytics, mathematics, risk management, actuarial science; AND
A master's degree in a field such as: cybersecurity, information assurance, information technology, computer science AND at least 1 year of demonstrated experience selecting, analyzing, advising on, and implementing technical and nontechnical controls in response to cybersecurity risk analysis; OR
A bachelor's degree in a field such as: cybersecurity, information assurance, information technology, computer science AND at least 2 years of demonstrated experience selecting, analyzing, advising on, and implementing technical and nontechnical controls in response to cybersecurity risk analysis; OR
An associate degree in a field such as: cybersecurity, information assurance, information technology, computer science AND at least 3 years of demonstrated experience selecting, analyzing, advising on, and implementing technical and nontechnical controls in response to cybersecurity risk analysis; OR
At least 4 years of demonstrated experience selecting, analyzing, advising on, and implementing technical and nontechnical controls in response to cybersecurity risk analysis.

Additional Preferred Qualifications
* Experience applying NIST 800-37 and 800-53
* Desired certifications:
* FAIR or OpenFAIR
* CISSP (ISSEP highly desired)
* CRISC / CSX
* GSEC / GISF
* Security+
* AIE

Northwest Arkansas is the 5th best place to live according to the U.S. News & World Report most recent list of the best places to live in America.

Contact Name

Joel Baese, Director

Contact E-mail

Category