Cybersecurity Risk Analyst
Offer summary
Qualifications:
Bachelor's degree in Information Security, Computer Science, Risk Management, or related field., 5+ years of experience in cybersecurity, IT risk management, or information assurance., Strong knowledge of cybersecurity concepts, technologies, and frameworks, along with risk assessment methodologies., Excellent written and verbal communication skills, with relevant professional certifications like CompTIA Security+ or CISSP..Key responsabilities:
- Evaluate internal systems and third-party vendors for potential cybersecurity risks through formal assessments.
- Collaborate with IT and security teams to recommend and track risk remediation activities and develop treatment plans.
- Support the implementation and monitoring of security frameworks and ensure compliance with regulatory standards.
- Assist with audits and prepare detailed risk reports and dashboards for stakeholders and executive leadership.
Job description
Risk Identification & Assessment
- Evaluate internal systems and third-party vendors for potential cybersecurity risks.
- Conduct formal risk assessments, threat modeling, and vulnerability analysis across infrastructure, applications, and operations.
Risk Mitigation & Recommendations
- Collaborate with IT and security teams to recommend and track risk remediation activities.
- Develop risk treatment plans and ensure timely mitigation or acceptance of risks.
Security Governance & Compliance
- Support implementation and monitoring of frameworks such as NIST, ISO 27001, CIS Controls, or SOC 2.
- Ensure alignment with regulatory standards (e.g., CCPA, GDPR, PCI-DSS, SOX).
IT Audit & Reporting
- Assist with internal and external audits, including evidence collection and control testing.
- Prepare detailed risk reports and dashboards for stakeholders and executive leadership.
Continuous Improvement
- Stay updated with emerging cybersecurity threats, trends, and technologies.
- Recommend improvements to cybersecurity policies, procedures, and awareness programs.
Requirements
- Bachelor's degree in Information Security, Computer Science, Risk Management, or related field.
- 5+ years of experience in cybersecurity, IT risk management, or information assurance.
- Strong knowledge of cybersecurity concepts, technologies, and frameworks.
- Experience with risk assessment methodologies and tools.
- Familiarity with compliance requirements (e.g., ISO 27001, NIST, SOC 2, SOX, GDPR, CCPA).
- Excellent written and verbal communication skills, with the ability to convey risk concepts to both technical and non-technical audiences.
- Professional certifications such as one the following are a top priority: CompTIA Security+, SSCP, GSEC, CISSP, CCSP, CGEIT, or ISO/IEC 27001 Lead Auditor
- Experience with GRC platforms (e.g., Workiva, Drata, TrustCloud, A-SCEND).
- Exposure to cloud security (IBM, AWS, Azure, GCP) and third-party risk management.
- Experience at a top 20 India CPA firm or India MSP
Required profile
Experience
Spoken language(s):
English
Check out the description to know which languages are mandatory. Other Skills
- Communication
Cybersecurity Analyst Related jobs
Tier 3 Cyber Security Analyst / Incident Response - Remote, US**
Tier 3 Cyber Security Analyst / Incident Response - Remote, US**
30+ days ago
DXC Technology
- Remote: United States
- Full time
- 105 - 195K
Incident ResponseThreat AssessmentCyber SecurityRoot Cause Analysis
Cyber Security Analyst
Cyber Security Analyst
26 day ago
Zone IT Solutions
- Remote: India, Australia, United Kingdom
- Full time
Cybersecurity Analyst
Cybersecurity Analyst
30+ days ago
DCI
- Remote: United States, Kansas (USA)
- 85 - 90K
Threat DetectionVulnerability ManagementIncident Response
Senior Cybersecurity Administrator
Senior Cybersecurity Administrator
30+ days ago
Dayforce
- Remote: Philippines
- Full time
Http ProtocolsIncident ResponseCyber Security
Cybersecurity Analyst
Cybersecurity Analyst
30+ days ago
Keys Recruiters
- Remote: Egypt
- Full time