CyberSecurity Risk Analyst

Security Risk Analyst A successful candidate will have a strong background in the following areas: Development and execution of cyber risk assessments for Honorlock applications, products, and services Risk identification through the performance of risk assessments and other measures Preparation of risk assessment findings and reports on remediation plan progress Due diligence as part of M&A initiatives. Responsibilities include: Administration of the cyber risk management program following the NIST or other equivalent cyber risk management framework and other security standards and related industry best practices Performance of enterprise cyber risk assessments to identify inherent and residual risks Analyze and document findings, recommend and report program gaps to leadership Administration of the security risk register and related remediation activities Administration of the risk management information system Collaboration with technology and business stakeholders to develop and document risk treatment plans in line with the enterprise risk appetite Report key metrics including the status of assessments, issue management, and risk management Develop and maintain documentation on processes, procedures in accordance with standards, regulations, and industry best practices Maintain an understanding of emerging trends in information security threats and risks Prepare and present risk assessment findings, guide remediation plans and report on progress Minimum Qualifications: Bachelor's or Master's degree in Business, Information Technology, Computer Science or equivalent experience Must possess 2+ years' experience in compliance, information security, and/or information technology with a focus on security/risk. Understanding of cybersecurity risk management maturity practices and frameworks Proficiency in the application of NIST Cyber Security Framework (CFS), SOC 2, ISO 27001, and other best-practice standards. Understanding of a broad range of security technical concepts Excellent project management and organizational skills Excellent communication, interpersonal skills, and sound business judgment Preferred Qualifications: Experience performing assessments of IT-related processes such as system and information security, system development, and change management, computer operations, and data protection Experience working with internal and external cybersecurity audits, vulnerability and risk assessments Experience in managing issues through risk analysis/treatment/mitigation processes

#J-18808-Ljbffr