Risk Analyst - Appleton
Werner Electric Supply Company provides electrical and lighting products and services to industrial and electrical contractors and industrial automation professionals in Wisconsin, and Michigan's Upper Peninsula. We are a company with a strong reputation for success, and each employee's role is critical to fulfilling the mission of our organization. We are dedicated to continual improvement in the distribution of quality product and services resulting in the long-term trust, profitability, and success of our employees, customers, vendors, and the communities we serve. All of these things are just part of what makes Werner Electric Supply Company such a great place to work!
Provide operational actions to drive a culture of risk mitigation and be responsible for the governance and actions necessary to identify, evaluate, mitigate, and monitor the company's operational and strategic risks.
Essential Duties and Responsibilities
- Leads the risk management process to work with all functional areas to identify, analyze, and mitigate Enterprise risk.
- Develops Enterprise Risk Management tools, practices, and policies to analyze and report enterprise risks, and to manage risks according to an enterprise risk management framework.
- Analyzes contracts with customers and vendors to ensure all contractual terms and conditions are at an acceptable level of risk to the Organization, and that all opportunities to mitigate risk have been achieved.
- The position is a key contributor responsible for overseeing the organization's cybersecurity and privacy control and governance frameworks, practices, and programs. This position is responsible for evaluating risk by leading various security risk assessments of new and existing IT systems, third parties, new businesses that are developed or acquired, and audits against various security control frameworks/standards.
- This role will lead low to moderate security/privacy incidents, driving action, providing root cause analysis, and timely resolution in accordance with regulatory, federal or state security/privacy law. Also, this role will maintain the incident response process, and participate in exercises of mock security/privacy incidents.
- This includes providing input into the risk assessment process for reviewing new software, hardware, internally developed systems, third parties, and newly acquired companies. Lead remediation of risks identified through the risk process and contribute towards improving the overall risk management program. It also includes leading annual security assessments of Werner against established security control framework(s), completing written reports of results to be shared with IT leaders and senior leaders outside of IT. The risk assessment process will provide standard deliverables for all types of risk assessments. In addition, this role will track all action plans committed to by various leaders. Also, if needed, this role will engage the services of other third parties to perform various security assessments, like a penetration tests on the network security controls.
- Lead role in all security and privacy compliance efforts. In particular, this role will help lead the National Institute of Technology & Standards (NIST), Payment Card Industry Data Security Standards (PCI DSS) and other efforts.
- Acts as the liaison to attorneys, insurance companies and employees with respect to ensuring an acceptable level of risks for contracts entered into by Werner Electric Supply.
- Responsible for implementing, monitoring, and testing disaster recovery plan.
- Develops the vision and core program and tools needed to create a culture of risk awareness and mitigation from the Executive Team to the individual contributor level.
- Other related duties as assigned.
- Bachelor's Degree in related field required.
- 5+ years of relevant experience preferred. Ideal candidates will have experience development, review, and presentation of business contracts, IT cybersecurity, and risk management.
- Strong written and oral communication skills required. Must be able to speak and effectively present information in one-on-one and group settings with customers, clients, and other employees of the organization.
- Experience with Microsoft Office Suite required.
- CRMP, CRCMP, and/or CM preferred.
- Regularly required to sit, stand, walk, use hands, talk, and listen. Occasionally required to reach with hands and arms.
Werner Electric Supply is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected.