Cybersecurity Analyst
About The Position
At Russell Investments, our purpose is to improve financial security for people. We are seeking a Cybersecurity Analyst to advance our Human Cyber Risk Management program while supporting enterprise-wide risk and compliance efforts. This role is instrumental in strengthening the organization’s security posture by promoting secure behaviors, managing user-centric risk initiatives, and addressing regulatory and client-facing cybersecurity requirements. The ideal candidate combines expertise in security awareness with a strong understanding of human risk dynamics and core risk management practices and demonstrates the ability to collaborate effectively across global teams.
Requirements
- 3+ years of experience in cybersecurity, with exposure to both security awareness and GRC functions
- Demonstrated experience running security awareness programs and phishing simulations
- Familiarity with user access, service accounts and non-human identities review processes and identity/access governance concepts
- Experience completing or contributing to security questionnaires (e.g., DDQs, RFPs, client assessments)
- Strong understanding of cybersecurity principles, threats, and human risk factors
- Excellent written and verbal communication skills, with the ability to translate technical concepts for non-technical audiences
- Experience with security awareness platforms, phishing simulation tools, and GRC systems
- Understanding of Identity and Access Management (IAM), including authentication, authorization, and governance
- Knowledge of Privileged Access Management (PAM) and least privileged principles
- Familiarity with automation and scripting to support security and risk processes
- Working knowledge of cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls
Nice To Haves
- Drives behavior changes through effective, targeted communication
- Applies a pragmatic approach to prioritize and manage cyber risk
- Leverages data and metrics to inform decisions and improve programs
- Partners effectively across global, cross-functional teams
- Simplifies complex cybersecurity concepts for diverse audiences
Responsibilities
- Deliver and continuously enhance security awareness programs, including quarterly, threat-informed campaigns
- Execute phishing simulations, including scenario design, targeting, and performance analysis
- Support Cybersecurity Awareness Month and other enterprise-wide engagement initiatives
- Maintain internal cybersecurity resources to promote accessible guidance and best practices
- Contribute to external cyber trust centers/client assurance portals, ensuring accurate and current content
- Monitor and report on human risk metrics, providing actionable insights to stakeholders
- Partner with HR and Internal Communications to strengthen security culture and drive behavior change
- Support user access reviews (UARs), service accounts and non-human identities review ensuring coordination, completion tracking, and audit readiness
- Respond to client due diligence questionnaires (DDQs) on cybersecurity practices
- Support audit activities, including evidence collection and remediation tracking
- Support policy exceptions and technology risk issue tracking and remediation
- Partner with IT, Risk, Legal, and Business teams to align security initiatives
- Support client-facing teams with cybersecurity communications and inquiries
Benefits
- annual performance bonus
- healthcare
- retirement
- vacation
- wellbeing programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
