IT Cybersecurity Risk Analyst

About The Position

Requirements

• A Bachelors level degree in IT / IS / Cybersecurity or equivalent level of relevant industry experience.
• Must have at least 3 or more years of demonstrable relevant experience in the industry, specifically in the cybersecurity space.
• Core skills must include risk assessment, analytical thinking, communication, and strong knowledge of cybersecurity frameworks, regulatory obligations, and evolving threat landscapes.
• Decision Making & Critical Thinking: Ability to analyze situations accurately and make informed, productive decisions using appropriate tools and judgment.
• Communicating Complex Concepts: Skilled in simplifying and summarizing complex technical information using clear, audience appropriate communication techniques.
• Problem Solving: Able to recognize, anticipate, and resolve organizational or operational issues using structured problem solving methods.
• Project Management: Knowledge of effective planning, organizing, monitoring, and resource coordination to achieve project objectives.
• Technical Excellence: Ability to apply technology knowledge to develop solutions for significant technical challenges.
• Compliance & Assurance: Understands compliance processes and standards; enhances internal controls as requirements evolve.
• Frameworks & Industry Standards: Aligns cybersecurity programs and standards with regulations, business context, and threat landscapes.
• IT Security Policies: Applies security policies, standards, and procedures to ensure compliance.
• Statistical Analysis & Measurement: Uses mathematical and statistical tools to perform accurate analysis and measurement.

Nice To Haves

• OpenFAIR
• CCSK
• CISSP
• CISM
• or equivalent are highly desirable.

Responsibilities

• Monitor and improve IT risk processes, tools, and documentation
• Update risk scenarios, benchmarks, and mitigation strategies
• Maintain the Information Security Management System (ISMS)
• Advise on balancing security controls with business impact
• Conduct cybersecurity risk assessments and identify control gaps
• Document results, prepare management reports, and drive remediation
• Support and train teams on RCSA standards and methodologies
• Develop and maintain data, process, and event based risk models
• Quantify risk, validate models, and communicate findings to stakeholders
• Gather, analyze, and document cybersecurity risk data
• Maintain the risk register and data libraries
• Partner cross functionally to implement risk mitigation
• Stay current on cyber threats, regulations, and industry best practices

Benefits

• Competitive Base Salary (pay will be based on several variables that include, but not limited to geographic location, work experience, etc.)
• Paid Overtime
• Regional Bonus (when applicable)
• Industry-leading Benefit Plans (Medical, Dental, Vision, Rx)
• Paid time off, including vacation, holidays, shutdown
• Company Paid Short-Term and Long-Term Disability
• 401(K) Plan with company match + additional contribution
• Advancement Opportunities
• Career Mobility
• Education Reimbursement for Continued Learning
• Training and Development programs
• Tuition Assistance & Student Loan Repayment
• Lifestyle Account
• Childcare Reimbursement Account
• Elder Care Support
• Wellbeing Program
• Community Service and Engagement Programs
• Product Programs