The Sr. Risk Analyst (SRA) examines and interprets data sets and documents to make an informed conclusion. The SRA acts as a facilitator reviewing current conditions, processes, and controls, recommending additional controls to reduce risk, and making internal departments more efficient. The SRA organizes findings, draws initial conclusions/interpretations, and discusses these findings with internal manager prior to escalating to business management. Business acumen, critical thinking and analytical skills are essential.

Founded in 1989, SHI International Corp. is a $12 billion global provider of IT solutions and services, and currently has over 5,000 dedicated employees worldwide.

To learn more about SHI International Corp, visit our website: www.shi.com/careers

• World Class Facility includes on site gyms and cafeterias
• Ongoing opportunities for personal and professional growth and development due to our strong promote from within philosophy
• Work in an up-beat, creative, and fun environment
• Benefits including medical, vision, dental, 401K, and flexible spending

• Maintain/support the Risk and Resiliency (R&R) tool(s) which may also include interfaces with other ancillary systems
• Develop and coordinate communication and training of the Company’s Risk Management Framework
• Develop policies, standards, guidelines, and best practices to maintain an effective control environment
• Mature standard document library and process flows for new projects and applications
• Mature the Company’s Process, Risk, and Control (PRC) library and Risk Register, and evaluate accuracy and completeness of Risk and Control Self-Assessments (RCSA)
• Ensure appropriate treatment plans are developed to mitigate risk and define residual risk exposure
• Implement and execute control programs that focus on key risks and evaluate the effectiveness of the mitigating controls
• Validate and review controls of key business projects, business changes, and health check events
• Conduct internal governance control reviews and partner with managers on internal and external audits
• Meet with business partners to assess their control environment documenting risks, risk treatment plans, and remediation actions
• Identify duplicative activities/software, conduct analysis to identify best-in-class solutions for SHI, and track decommissioning efforts and cost savings
• Identify and implement process improvement initiatives to strengthen the Company’s control environment, improve efficiencies, and increase cost savings
• Consolidate findings from business partner sessions and identify gaps and/or new requests
• Partner with other Analysts on training, awareness, testing, and exercise initiatives
• Ensure materials and website content are relevant and consistent and exercises are appropriate
• Support Incident Response & Management efforts identifying potential risks, providing key performance metrics, and assisting with other activities as necessary
• Provide input into Steering Committee and other business management presentations
• Develop management reporting and metrics, engaging management on appropriate actions

• 5+ years of project management experience
• 5+ years of risk management experience with a strong understanding of operational risk and business process improvement methods
• 2+ years of Business Continuity and Incident Management experience
• Knowledge and experience with Risk Management, Business Continuity Management, and Information Technology standards and best practices, including governance frameworks (ISO 31000, 27001, 22301, NIST, ITIL, etc.)
• Experienced with GRC Risk Management tools and related interfaces
• Proficient computer skills required, including experience using Microsoft applications (Word, Excel, PowerPoint, Project, Visio, and Outlook)

• Must be able to handle multiple tasks with changing priorities and regularly communicate changes in scope and schedule to all concerned parties
• Ability to work with employees at all levels of the organization
• Ability to think ahead, plan long-term decisions, and anticipate outcomes
• Strong problem solving, organizational, and time management skills
• Possess good judgment and decision-making skills
• Ability to be approachable, maintain composure, and possess a professional attitude
• Ability to understand audience and adapt communications accordingly
• A linear, logical thinking style with ability to break down and solve difficult problems
• Ability to work both individually and in a team environment
• Detail-oriented with the ability to complete tasks with efficiency and accuracy
• Ability to learn fast, absorb knowledge, and apply newly learned information
• Ability to self-study and engage in independent work to increase job related knowledge and skills
• Able to take ownership of a project through its lifecycle Excellent follow-up skills
• Able to build and foster strong working relationships to influence and drive organizational engagement
• Able to present information and/or provide training on technical subjects in an understandable manner in both oral and written form
• Self-motivated with the ability to work with limited direction and oversight
• Excellent written, verbal, and presentation skills
• Flexible and positive ‘can do’ attitude with the ability to remain calm and work well under pressure
• Strong understanding of operational risk and business process improvement methods
• Understanding of BC/DR/IM planning concepts, strategies, and methodologies
• Able to Evaluate, document, and maintain standards, processes, and procedures
• Ability to write policies, standards, and guidelines and develop standard document library
• Demonstrable control awareness experience

• PMP Certification
• CRM/PRM Certification

• Position requires >25 % of travel to meet with internal business groups and/or conduct vendor assessments.
• Extended hours are required to complete some special projects

• FLSA: Exempt