
Cybersecurity Risk Analyst II (30766)
GI Alliance, Southlake, TX, United States
Position Purpose
We are seeking a detail‑oriented Cyber Security Risk Analyst specializing in Governance, Risk, and Compliance (GRC). This role will support the organization’s cybersecurity risk management program by identifying, assessing, and mitigating risks while ensuring compliance with regulatory requirements and industry standards. The ideal candidate will have a strong understanding of cybersecurity frameworks, risk assessment methodologies, and regulatory compliance, along with the ability to translate technical risks into business impacts.
Responsibilities
Conduct cybersecurity risk assessments, including third‑party/vendor risk evaluations (TPRM)
Identify, analyze, and document security risks, threats, and vulnerabilities
Support the development and maintenance of risk registers and risk treatment plans
Ensure compliance with applicable regulations, standards and frameworks (e.g., NIST, ISO 27001, SOC 2, PCI‑DSS, HIPAA as applicable)
Assist in the development, review, and enforcement of information security policies, standards and procedures
Partner with IT, engineering, legal and business teams to ensure security controls are implemented effectively
Monitor and report on compliance posture, control effectiveness and risk metrics
Support internal and external audits, including evidence gathering and remediation tracking
Maintain awareness of emerging threats, regulatory changes and industry best practices
Provide security awareness and guidance to stakeholders across the organization
Qualifications
Education: Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, STEM or related field
Experience: 2–5+ years of experience in cybersecurity, risk management or compliance roles
Strong knowledge of GRC principles, risk frameworks and control standards
Familiarity with one or more frameworks: NIST CSF, ISO/IEC 27001, COBIT, CIS Controls
Experience with risk assessment tools and methodologies
Understanding of regulatory requirements relevant to the business (e.g., GDPR, HIPAA, SOX)
Strong analytical, documentation and communication skills
Ability to manage multiple priorities and work cross‑functionally
Professional certifications such as CISSP, CISM, CRISC, CGRC
Experience with GRC tools (e.g., Drata, Archer, ServiceNow GRC, OneTrust)
Knowledge of cloud security and compliance (AWS, Azure, GCP)
Experience with third‑party risk management programs
Risk assessment and critical thinking
Attention to detail and documentation rigor
Strong stakeholder communication
Problem‑solving and decision‑making
Integrity and accountability
Demonstrated administration of security platforms and security related best practices
Experience in developing and deploying security specific solutions including the automation of repeatable security tasks and controls
Experience with security vulnerability and penetration tools, remediation and processes
Strong analytical and interpersonal skills
Proficient IT technical skills
Excellent communication skills, both written and verbal
Ability to manage conflict and resolve problems
Ability to multi‑task and prioritize
Self‑motivated with initiative
Strong sense of ethics
Equipment Operated
This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.
Work Environment
This job operates in professional office environments.
Physical Requirements
While performing the duties of this job, the employee is occasionally required to stand; walk; sit; use hands to finger, handle, or feel objects, tools or controls; reach with hands and arms; climb stairs; balance; stoop, kneel, crouch or crawl; talk or hear; and taste or smell.
The employee must occasionally lift or move up to 25 pounds.
Specific vision abilities required by the job include close vision, distance vision, color vision, peripheral vision, depth perception and the ability to adjust focus.
GI Alliance is an Equal Opportunity Employer. We are committed to creating an inclusive, welcoming, and equitable work environment. Our company values and celebrates the diversity of our physicians, staff and patients. We firmly believe our service is greatly enriched by our diversity of thought, experience, perspective, culture, and background.
EEO/AA‑M/F/disabled/protected veteran