Freelance Information Security Risk & Governance Specialist

ThreatXIntel

Location: India
Job type: Part-time

Required skills

Tableau
Power BI
communication skills
compliance
data analytics
data science
end-to-end
information security
statistics

About the role

ThreatXIntel

Website: threatxintel.com
Job details:

Company Description

ThreatXIntel is a growing Cybersecurity, IT Staffing, and Consulting company delivering end-to-end technology and security solutions.

Role Overview

We are looking for a Freelance Information Security Risk & Governance Specialist with strong expertise in risk quantification, FAIR methodology, and data-driven risk modeling.

The ideal candidate will work on building current-state and future-state risk models, quantify annualized loss exposure, and calculate risk reduction benefits in financial terms.

This role is highly analytical and requires experience in risk modeling, scenario analysis, and governance frameworks.

Key Responsibilities

Risk Modeling & Quantification

Build current-state risk models to quantify annualized loss exposure
Develop future-state models incorporating IT governance controls
Calculate risk reduction delta (financial impact in dollar terms)
Perform scenario-based risk analysis (frequency & magnitude modeling)

FAIR & Risk Methodology

Apply FAIR (Factor Analysis of Information Risk) methodology
Define and model risk scenarios (data breach, outage, compliance risk, etc.)
Document assumptions, inputs, and calibration logic

Data Analysis & Reporting

Analyze risk data using analytics tools and data platforms
Develop metrics, KRIs, KPIs for risk monitoring
Create dashboards and reports using Tableau / Power BI

Governance & Controls

Align risk models with frameworks:
NIST CSF
Unified Control Framework (UCF)
Regulatory standards (HIPAA, PCI)
Evaluate impact of controls like:
IAM
Patching
Monitoring
DR/BCP

Scenario Analysis & Simulation

Perform sensitivity analysis and scenario comparison
Evaluate impact of control improvements on risk exposure
Support decision-making with quantified insights

Collaboration & Stakeholder Management

Work with IT, Security, Finance, and Business teams
Present risk insights to leadership and executive stakeholders
Support board-level risk reporting

Tooling & Technology

Work with platforms like ThreatConnect / FAIR tools / analytics systems
Define data inputs and integrate with enterprise data sources

Required Skills (Mandatory)

Strong experience in Information Security Risk Management (5+ years)
Hands-on experience with FAIR risk quantification methodology
Experience in risk modeling (current-state & future-state)
Strong analytical skills (probability, loss estimation, scenario modeling)
Experience with data analytics & reporting tools (Tableau / Power BI)
Strong understanding of NIST, UCF, and regulatory frameworks
Experience in risk scenario analysis and financial impact modeling
Strong communication skills for executive-level reporting

Nice to Have

Experience with ThreatConnect or similar platforms
Certifications: CISSP, CISA, CRISC, FAIR
Background in data science / statistics / risk analytics
Experience in healthcare or regulated industries

Click on Apply to know more.

This page is fully interactive when JavaScript is enabled. Please enable JavaScript to apply or browse related roles.