Cyber Risk Analyst

South Carolina Ports AuthorityMount Pleasant, SC

About The Position

The Cyber Risk Analyst supports the General Manager of Information Security by identifying, assessing, reducing, monitoring, and reporting cybersecurity risk. The role helps protect systems, data, users, applications, vendors, infrastructure, and business operations from ransomware, credential compromise, business email compromise, data loss, third-party compromise, cloud/SaaS exposure, and operational disruption. The analyst performs risk and vulnerability assessments, reviews threat intelligence, triages security alerts, supports incident response, documents findings, and translates technical issues into practical risk recommendations for business, technical, and executive audiences.

Requirements

  • Bachelor’s degree in computer science, Cybersecurity, Information Technology, Information Systems, Risk Management, or a related field; or at least two years of relevant experience in IT, cybersecurity, cyber risk, security operations, audit, or compliance.
  • Working knowledge of logical and physical security for applications, infrastructure, networks, endpoints, cloud/SaaS services, identity systems, facilities, and operational environments.
  • Current relevant cybersecurity or risk credential, or ability to obtain one within a defined period after hire. Examples include Security+, CySA+, GSEC, GCIH, GCIA, CISSP, SSCP, CISA, CISM, CRISC, CEH, OSCP, GPEN, or similar certification.
  • Understanding of cybersecurity risk management, including risk identification, likelihood, impact, mitigation, acceptance, remediation tracking, and reporting.
  • Understanding of common cyber tactics, techniques, and procedures and related preventive, detective, responsive, and corrective controls.
  • Understanding of vulnerability management, including scanning, validation, prioritization, remediation, exception handling, and reporting.
  • Understanding of identity and access management, including authentication, authorization, privileged access, multifactor authentication, account lifecycle management, and least privilege.
  • Understanding of encryption fundamentals, PKI, certificate management, key management, and common cryptographic implementation weaknesses.
  • Demonstrated ability to use approved artificial intelligence tools responsibly for cybersecurity analysis, documentation, automation, reporting, and decision support, including validating outputs, protecting sensitive information, recognizing AI-related security risks, and following organizational AI use policies.
  • Strong analytical, interpersonal, written, and verbal communication skills, including the ability to document findings and communicate effectively with technical and non-technical stakeholders.
  • Ability to handle sensitive, confidential, and security-relevant information with discretion, integrity, and sound judgment.

Nice To Haves

  • Experience implementing, supporting, or using a vulnerability management platform and risk-based remediation process.
  • Experience with SIEM, EDR, network monitoring, threat intelligence, ticketing, asset inventory, or security orchestration tools or processes.
  • Experience with third-party risk management, vendor reviews, security questionnaires, contract security requirements, or supply chain risk assessment.
  • Experience with cloud, SaaS, or Microsoft 365 security, including secure configuration, identity controls, data protection, logging, and monitoring.
  • Experience with penetration testing, ethical hacking, adversary emulation, or security validation.
  • Familiarity with NIST CSF, CIS Controls, MITRE ATT&CK, CISA guidance, or similar cybersecurity frameworks.

Responsibilities

  • Execute cyber risk, vulnerability management, security monitoring, governance, and incident response support activities.
  • Perform risk and vulnerability assessments of networks, systems, applications, cloud/SaaS services, vendors, and business processes, prioritizing findings by exploitability, asset criticality, business impact, threat intelligence, and compensating controls.
  • Collaborate with business owners, application owners, IT teams, vendors, and operational stakeholders throughout the technology lifecycle.
  • Maintain risk documentation, support control reviews, track exceptions, assist audits, and prepare management reporting.
  • Triage alerts, gather evidence, escalate suspected incidents, support investigations, and recommend corrective actions.
  • Analyze vulnerability data, threat intelligence, network activity, endpoint activity, identity events, and related telemetry for risk or compromise indicators.
  • Support the development, maintenance, and testing of incident response, disaster recovery, business continuity, backup, and emergency response procedures.
  • Recommend improvements to security controls, monitoring, processes, documentation, training, and risk reduction activities.
  • Maintain current knowledge of cybersecurity threats, vulnerabilities, technologies, regulatory expectations, and industry best practices.
  • Prepare clear summaries, dashboards, risk statements, and recommendations for technical, managerial, and executive audiences.
  • Perform other appropriate duties as assigned.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service