Cybersecurity Risk Analyst (GRC / ServiceNow IRM)

About The Position

Requirements

• Bachelor’s and 10 years of experience
• Knowledge of cybersecurity risk management principles.
• Experience supporting governance, documentation, and program operations.
• Strong analytical, documentation, and organizational skills.
• Ability to manage multiple deliverables and recurring reporting deadlines.
• Must be able to obtain and maintain Public Trust Clearance
• Must be a US Citizen

Nice To Haves

• Experience with ServiceNow IRM or similar GRC platforms.
• Familiarity with federal cybersecurity programs and governance structures.
• Experience supporting enterprise risk management initiatives.

Responsibilities

• Cybersecurity Risk Register Management:
• Maintain the Cybersecurity Risk Register within ServiceNow Integrated Risk Management (IRM), including:
• Creation and updates of risk statements and issues
• Risk assessments and data quality reviews
• Risk remediation tracking and monitoring
• Maintenance of process flows and reports using out-of-the-box (OOTB) IRM capabilities
• Support daily updates and ongoing accuracy of cybersecurity risk data.
• CSRM Governance Administrative Support:
• Support the operations of CSRM governance bodies, including:
• Security Review Board (SRB)
• Cybersecurity governance committees (current and future)
• Develop and maintain governance artifacts, including:
• Charters (annual reviews and updates)
• Standard Operating Procedures (SOPs)
• Meeting agendas, read-ahead materials, and detailed meeting notes
• Governance membership lists
• Maintain collaboration sites in Microsoft Teams and other collaboration platforms as required.
• CSRM Program Documentation Maintenance:
• Review and update CSRM Program documentation at least annually and as needed, including:
• Cyber Risk Management Strategy
• Concept of Operations (ConOps)
• SOPs
• Governance charters
• Program briefs, presentations, and reports
• Confluence site content

Benefits

• We offer competitive benefits package including paid time off, healthcare benefits, supplemental benefits, 401k including an employer match, discount perks, rewards, and more.
• We invest in our employees – Every employee is eligible for education reimbursement for certifications, degrees, or professional development.
• Reimbursement amounts may fluctuate due to IRS limitations.
• We want you to grow as an expert and a leader and offer flexibility for you to take a course, complete a certification, or other professional growth and networking.
• We are committed to supporting your curiosity and sustaining a culture that prioritizes commitment to continuous professional development.
• We work hard; we play hard.
• Kentro is committed to incorporating fun into every day.
• We dedicate funds for activities – virtual and in-person – e.g., we host happy hours, holiday events, fitness & wellness events, and annual celebrations.
• In alignment with our commitment to our communities, we also host and attend charity galas/events.
• We believe in appreciating your commitment and building a positive workspace for you to be creative, innovative, and happy.