Skip to content

Security Risk Assessor

General information

Location:

Singapore - Singapore - Remote

Function:

Information Technology

Ref #:

20210019741

Description & Requirements

Description

The position is responsible for overseeing, evaluating, and supporting the documentation, validation, and assessment processes necessary to assure that existing and new information technology systems meet cybersecurity and technical security risk management requirements. Ensuring appropriate treatment of security risk and assurance from internal and external perspectives is vital.
This position demands one to stay current with emerging technologies, while managing cross-team dynamics. Attributes we will look for in our candidates include excellent technical and analytical skills, communication and flexibility, innovative thinking and problem solving.

Primary Duties and Responsibilities:
• Leverage technical risk management processes to identify and report impact of residual risk on the organizational mission and provides recommendations to organizational leadership.
• Recommend security system controls and risk countermeasures to mitigate/correct security deficiencies.
• Recalculating priority for risks that decrease due to exploitability limitations and threats.
• Understand asset values to the organization (e.g., revenue generating, supporting critical business functions).
• Understand assets criminal value and criminally magnetic properties (e.g., data or process has a criminal value).
• Understand the liabilities and lateral exposure of a potentially breached asset with an arbitrary vulnerability.
• Trigger remediation plan and interim mitigation/detection process (e.g., set urgency, alert security operations centers, notify operations teams for priority resolution, provide executive awareness and external status reporting).
• Recognize vulnerabilities and develop and execute risk management processes, including steps and methods for assessing risk in systems to analyze cyber threats; conduct trend analysis and oversees the implementation of preventative measures.
• Calculation of inherent and residual risk based on quantitative data (i.e., asset value, expert input on certainty of loss and loss probability ranges over a period of time, running MonteCarlo simulations, risk tolerance, loss exceedance curves, cost to mitigate, transference to insurance).
• Liaise with management to understand, prioritize, and coordinate risk mitigation activities.

Qualifications

Required Qualifications:
• 5+ years’ experience working in a security risk analysis role
• Has good organizational and interpersonal skills and broad experience in interacting successfully with both technical and non-technical people
• Experienced in leading cross functional teams (including onsite, remote, and offshore) to consensus
• Experience conducting security risk assessments, documenting findings and reporting on identified issues
• Understands operating systems, networks, applications, and applicability and limitations of security controls
• Written and verbal communication skills in security assessment documentation
• Experienced in leading cross divisional teams to consensus

Preferred Qualifications:
• Quantitative risk assessment experience
• Factor Analysis of Information Risk (FAIR) experience
• Running MonteCarlo simulations, risk tolerance, and loss exceedance curves
• Experience with risk management tools, Archer, Visio, MS PowerPoint and MS Office Suite

Corporate overview

Here at UKG, Our Purpose Is People. UKG combines the strength and innovation of Ultimate Software and Kronos, uniting two award-winning, employee-centered cultures. Our employees are an extraordinary group of talented, energetic, and innovative people who care about more than just work. We strive to create a culture of belonging and an employee experience that empowers our people. UKG has more than 13,000 employees around the globe and is known for its inclusive workplace culture. Ready to be inspired? Learn more at www.ukg.com/careers

EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws. 


View The EEO is the Law poster and its supplement. 

View the Pay Transparency Nondiscrimination Provision

UKG participates in E-Verify. View the E-Verify posters here.


Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com or please call 1 (978) 250 9800.

Apply