Complete risk and control self-assessment including analysis of inherent risk, control environment, residual risks, segment risk appetite metrics, top and emerging risks, control effectiveness, metrics, findings, risk acceptances, and changes since last period according to guidance and timelines. Familiar with network security, vulnerability management, identity management, infrastructure, data loss prevention, incident and problem management, change management, configuration management, and other key areas.