Cybersecurity Risk Analyst

Overview

We are seeking a Cybersecurity Risk Analyst to support and coordinate the efforts around analyzing, classifying, monitoring, and mitigating cybersecurity risks across our organization. This role involves analyzing threats, evaluating vulnerabilities, and ensuring compliance with regulatory and organizational security standards. The Cybersecurity Risk Analyst will provide advice and recommendations to organizational stakeholders to support resolution and mitigation of risk areas identified through routine risk management processes.

Benefits

We offer a comprehensive benefits package designed to support your well-being and professional development, including:

• Flexible work schedules
• Health, dental, and vision insurance
• Retirement plan options
• Tuition reimbursement
• Paid time off
• Employee wellness programs
• Career advancement opportunities

Key Responsibilities

• Risk Assessment & Analysis
• Conduct risk assessments on systems, infrastructure, software applications, and processes.
• Identify and assess security risks associated with third-party vendors.
• Analyze security incidents and emerging threats to determine potential impact.
• Compliance & Governance
• Ensure adherence to regulatory frameworks and standards (e.g., HIPAA, PCI-DSS).
• Support audits and maintain documentation for compliance reporting.
• Monitoring & Reporting
• Develop and maintain risk registers and dashboards.
• Prepare detailed reports and present findings to leadership and stakeholders.
• Policy & Process Development
• Assist in creating and updating security policies, standards, and procedures.
• Recommend risk mitigation strategies and security controls.
• Collaboration
• Work with IT, Security, and Business teams to implement risk management strategies.
• Provide guidance on secure practices and risk reduction.

Qualifications

• Experience
• 4+ years in cybersecurity, GRC, or related field.
• Familiarity with risk assessment methodologies and frameworks.
• Familiarity with security frameworks and regulatory standards (e.g., NIST, HIPAA, PCI-DSS).
• Technical Skills
• Knowledge of vulnerability management tools, SIEM platforms, and risk analysis software.
• Understanding of network security, cloud security, and data protection principles.
• Education & Certifications
• Bachelor's degree in Cybersecurity, Information Technology, or related technical field.
• Preferred: CISM, CISA, CRISC, or similar certifications.

Keywords

Cybersecurity, Risk Analyst, Risk Management, Vulnerability Management, Cybersecurity Risk, HIPAA, PCI-DSS, NIST, GRC, SIEM, Network Security, Cloud Security, Data Protection, CISM, CISA, CRISC, Risk Assessment, Compliance, Threat Analysis