Risk Analyst

Job Description

Job Title: Risk Analyst – IT Assessment, Testing and Audit
Company: Maclear Global Risk Management Private Limited
Location: Remote with ability to travel pan India
Position Type: Full-Time
Start Date: Preferably immediate or within 30 days
About Maclear Global:
Maclear Global is a leading provider of risk assessment and vendor information security services,
dedicated to safeguarding the confidentiality, integrity, and availability of sensitive data. We work
closely with our clients to ensure compliance with regulatory requirements and to minimize inherent
technology risks. Our commitment to excellence, integrity, and client satisfaction has earned us a solid
reputation in the industry.
Job Description:
As a Risk Analyst at Maclear Global, you will play a crucial role in evaluating and managing the security
and compliance of our clients’ vendor relationships. You will work closely with internal teams and
external vendors to assess, report, and mitigate risks, ensuring that data and information security
standards are met.
Responsibilities:
Conduct internal controls and vendor information security risk assessments, testing and audits, with a
preference for candidates with previous experience in conducting risk assessments.
Validate the adequacy of controls, standards, policies, and procedures to protect Confidentiality,
Integrity, and Availability and ensure compliance with regulatory requirements.
Assess the level of inherent technology risks in the context of business objectives and risk appetite,
establishing residual risk based on scores.
Classify vendors according to their access to systems, networks, and sensitive information, assessing
risks for individual vendors based on their level of access and the sensitivity of the data they handle.
Query vendors based on their responses, identify potential gaps or observations, and communicate
findings to stakeholders in a structured format, including risk descriptions, root causes, business
impacts, compensating controls, and suggested remediation plans.
Prepare and update Standard Operating Procedures for the Vendor Risk assessment process.
Organize and lead internal weekly action review calls to track the status of ongoing assessments.
Utilize knowledge of frameworks like CIS, NIST-CSF or ISO and understand compliance requirements
pertaining to data privacy, such as GDPR, CCPA, etc.
© 2024 Maclear Global. All rights reserved. Version 3.0 02/29/2024
Maintain, track, and follow up on the status of assessments, publishing a weekly tracker to the client.
Full training will be provided for this role.
This position is client-facing, so a strong client presence and excellent communication skills are essential.
Be highly organized and a self-starter, requiring minimal supervision.
Be able to learn software intuitively and enhance processes to take advantage of automation.
Qualifications and Skillset:
Bachelor’s degree in a relevant field or equivalent work experience.
Previous experience in conducting risk assessments is a plus.
Knowledge of risk management frameworks, such as CIS, NIST-CSF or ISO.
Understanding of compliance requirements related to IT audit, data privacy, including GDPR and CCPA.
Strong organizational and communication skills.
Ability to work independently and collaboratively.
Excellent client-facing skills and a professional demeanor.
If you are a self-motivated individual with a passion for risk analysis and information security, and you
want to join a dynamic team that is dedicated to ensuring the security of our clients’ sensitive data, we
encourage you to apply.