- Cybersecurity Recruiters and Staffing SpecialistsCyber Risk Analyst
Cybersecurity Jobs
- Application Security Engineer
- Chief Information Security Officer (CISO)
- Cloud Security Architect
- Cloud Security Engineer
- Cyber Risk Analyst
- Cybersecurity Engineer
- Data Privacy Officer
- Data Security Engineer
- Database Administrator (DBA)
- DevOps Engineer
- Forensics Analyst
- GRC Analyst
- Identity and Access Management Engineer
- Information Assurance Analyst
- Information Security Manager
- Information Security Officer
- Internet Analyst
- Intrusion Analyst
- IT Compliance Analyst
- IT Security Project Manager
- Network Engineer
- Network Security Analyst
- Network Security Engineer
- Networking Specialist
- Penetration Tester
- Risk Analyst
- Security Analyst
- Security Architect
- Security Compliance Analyst
- Security Engineer
- Senior IT Security Consultant
- Senior Network Engineer
- Software Developer
- Threat and Incident Manager
- Vulnerability Management Analyst
A large vision necessitates a large task. As we expand, so does our need for expertise in governance, risk, and compliance (GRC). Toward that end, we are seeking a Cyber Risk Analyst to assist in enhancing our information security, information governance, privacy, compliance, and risk management procedures. In this role, you will work with the GRC Manager and other team members to identify flaws and vulnerabilities in business and customer security systems to proactively develop solutions.
Typical Duties and Responsibilities
- Collaborate with business and engineering executives to identify and enhance existing control processes
- Evaluate internal control improvement opportunities
- Administer audit and security GRC tools, such as RSA Archer and OneTrust, to document, maintain, and enhance controls
- Maintain knowledge of key SOX controls and enhance IT controls and policies accordingly
- Manage and maintain the controls of the IT audit program
- Preparing team members and necessary materials for audit meetings (e.g., control design walkthroughs), follow-up requests, and testing
- Coordinate testing and validation of IT General Control (ITGC) processes for SOX and internal audit
- Review auditor requests to ensure they are appropriately scoped and reasonable, and review the completeness and accuracy of audit evidence and materials provided by internal team members prior to auditor submission
- Partner with senior IT leaders to ensure team member accountability for completing audit assignments on time with the appropriate level of priority, thoroughness, and accuracy, according to documented procedures
- Identify and rank the inventory of third parties that pose a risk to the organization
- Collect the necessary security and auditing information from third parties, analyze it, and recommend its implementation as a control
- Oversee the maturation of the third party risk management program through the development of standard operating procedures
- Contribute to the design, creation, and maintenance of risk-based metrics
- Independently lead projects, coordinating efforts with all team members, and ensure proper management communication and project success through completion
Education
- Bachelor’s degree in computer science or a related field
Required Skills and Experience
- 3+ years’ experience in governance, risk, and compliance and/or information security or audit
- Advanced knowledge and understanding of ITGC and SOX controls
- Expertise in complex business processes and technological risks
- Deep understanding of security technologies including firewalls, proxies, SIEM, IDPs, and antivirus software
- Knowledge of penetration testing, network security, and common techniques to expose and correct security flaws
- Advanced understanding of third-party risk management
- Prior experience with third-party GRC and vendor management platforms
- Superior verbal and written communication skills with technical and non-technical audiences at all organizational levels
- Passion and dedication for improving security and compliance maturity in a significant way
Preferred Qualifications
- Prior knowledge of SOX is preferred