Cybersecurity Risk Analyst
Macpower Digital Assets Edge, Jersey City, New Jersey, United States, 07390
Job Locations: Dallas, TX | Tampa, FL | Jersey City, NJ
Note:
Preference will be given to candidates with prior experience in the Financial Services Industry. Position Summary:
The
Information Risk Analyst/Cybersecurity Risk Analyst
will be responsible for developing risk assessment questionnaires, conducting risk assessments for applications (on-premises and cloud), infrastructure (on-premises and cloud), and vendors, in accordance with a defined risk framework. These assessments will be executed through a formalized risk assessment program. The role involves identifying risks related to how business and technology teams utilize IT systems and supporting technological infrastructure. Key Responsibilities Conduct research on technology security, cybersecurity best practices, and develop risk assessment questionnaires. Plan and perform risk assessments following the organization's methodology, documenting and communicating control deficiencies in business processes and technology systems. Collaborate with Enterprise IT to address cybersecurity risk findings, new initiatives, and ad hoc processes, covering areas such as databases, operating systems, networking devices, storage systems, and cloud solutions. Provide risk remediation recommendations to business and technology teams to mitigate identified control gaps. Clearly articulate risks in a way that is understandable to both business and technology stakeholders. Evaluate management responses to ensure remediation plans effectively address identified risks. Prepare assessment reports and dashboards for IT owners. Maintain risk documentation within the designated risk register. Guide business and technology teams through policy exception and risk acceptance processes. Contribute to the continuous improvement of the risk assessment process. Required Experience
5+ years
of experience in risk assessment within application security, infrastructure security, or vendor risk management. Experience in the
Financial Services Industry
is preferred but not mandatory. Strong understanding of
Information Risk Management
best practices. Technical proficiency in
cybersecurity concepts and IT systems . Required Knowledge & Skills
Strong technical knowledge of
infrastructure, networks, databases, and systems
and their impact on cybersecurity risk. In-depth understanding of
security methodologies, policies, and industry best practices . bility to
rticulate technical concepts
effectively to both technical and non-technical audiences. Strong analytical and
critical thinking skills . Excellent presentation skills
(MS PowerPoint). Proficiency in
data manipulation
using MS Excel. bility to
build consensus, influence decision-making , and foster collaboration across teams. Strong
written and verbal communication skills . Exceptional
organizational skills
with the ability to adapt to a dynamic work environment. Sound
business judgment
and ability to engage with all levels of management. Education & Certifications:
Bachelor's degree preferred . Relevant industry certifications such as
CISSP, CISM, CRISC, or CCSP
are preferred.
Preference will be given to candidates with prior experience in the Financial Services Industry. Position Summary:
The
Information Risk Analyst/Cybersecurity Risk Analyst
will be responsible for developing risk assessment questionnaires, conducting risk assessments for applications (on-premises and cloud), infrastructure (on-premises and cloud), and vendors, in accordance with a defined risk framework. These assessments will be executed through a formalized risk assessment program. The role involves identifying risks related to how business and technology teams utilize IT systems and supporting technological infrastructure. Key Responsibilities Conduct research on technology security, cybersecurity best practices, and develop risk assessment questionnaires. Plan and perform risk assessments following the organization's methodology, documenting and communicating control deficiencies in business processes and technology systems. Collaborate with Enterprise IT to address cybersecurity risk findings, new initiatives, and ad hoc processes, covering areas such as databases, operating systems, networking devices, storage systems, and cloud solutions. Provide risk remediation recommendations to business and technology teams to mitigate identified control gaps. Clearly articulate risks in a way that is understandable to both business and technology stakeholders. Evaluate management responses to ensure remediation plans effectively address identified risks. Prepare assessment reports and dashboards for IT owners. Maintain risk documentation within the designated risk register. Guide business and technology teams through policy exception and risk acceptance processes. Contribute to the continuous improvement of the risk assessment process. Required Experience
5+ years
of experience in risk assessment within application security, infrastructure security, or vendor risk management. Experience in the
Financial Services Industry
is preferred but not mandatory. Strong understanding of
Information Risk Management
best practices. Technical proficiency in
cybersecurity concepts and IT systems . Required Knowledge & Skills
Strong technical knowledge of
infrastructure, networks, databases, and systems
and their impact on cybersecurity risk. In-depth understanding of
security methodologies, policies, and industry best practices . bility to
rticulate technical concepts
effectively to both technical and non-technical audiences. Strong analytical and
critical thinking skills . Excellent presentation skills
(MS PowerPoint). Proficiency in
data manipulation
using MS Excel. bility to
build consensus, influence decision-making , and foster collaboration across teams. Strong
written and verbal communication skills . Exceptional
organizational skills
with the ability to adapt to a dynamic work environment. Sound
business judgment
and ability to engage with all levels of management. Education & Certifications:
Bachelor's degree preferred . Relevant industry certifications such as
CISSP, CISM, CRISC, or CCSP
are preferred.