Risk/Governance Analyst
qTech.
Posted on 29 Sep
Nationality
Any Nationality
Gender
Not Mentioned
Vacancy
1 Vacancy
Job Description
Roles & Responsibilities
1. Risk Management in Software Development
Identify and assess risks across the software development lifecycle (SDLC), including design, coding, testing, and deployment.
Collaborate with development teams to implement risk mitigation strategies, such as secure coding practices and code reviews.
Maintain a risk register specific to software development projects and ensure timely updates.
Monitor and address risks associated with emerging technologies, third-party integrations, and cloud-based platforms.
2. Governance and Compliance
Develop and enforce IT governance policies and procedures tailored to software development practices.
Ensure compliance with standards and regulations such as GDPR, ISO 27001, CMMI v2, SOC 2, and OWASP guidelines.
Conduct audits of software development and deployment processes to evaluate adherence to governance frameworks.
Assist in the development and maintenance of secure development policies (e.g., DevSecOps practices).
3. Data Analysis and Reporting
Analyze incident trends, vulnerabilities, and operational data to provide actionable insights.
Prepare detailed governance and risk reports for development leads and senior leadership.
Develop dashboards to monitor compliance and risk-related KPIs for software projects.
4. Training and Awareness
Conduct targeted training sessions for development teams on secure coding, governance frameworks, and risk management practices.
Develop and disseminate awareness materials related to IT risks and compliance in software projects.
5. Incident Management in Development
Investigate incidents such as security breaches, data leaks, or system outages related to software applications.
Recommend and track the implementation of corrective actions to prevent similar incidents.
Desired Candidate Profile
Bachelor's degree in Computer Science, Software Engineering, Information Technology, or a related field.
Certifications such as CRISC, CISM, CGEIT, CMMI, ISO 27001 Lead Implementer, or Secure Software Development certifications are preferred.
Experience
2+ years of experience in risk management, governance, or compliance within a software development environment.
Hands-on experience with DevOps/DevSecOps practices is a plus.
Familiarity with software development methodologies such as Agile, Scrum, or Kanban.
Skills and Competencies
Strong understanding of the SDLC and associated risks.
Knowledge of IT governance frameworks like COBIT, NIST, CMMI v2, or ISO 27001.
Experience with risk management and GRC tools.
Proficiency in security tools such as SAST, DAST, or vulnerability scanners.
Strong analytical and problem-solving skills.
Excellent written and verbal communication skills to work with technical and non-technical stakeholders.
Company Industry
- IT - Software Services
Department / Functional Area
- IT Software
Keywords
- Risk/Governance Analyst