Sr Risk Management Analyst

Coterie
3d · $110,000 - $120,000 · Remote

About The Position

Coterie is seeking a Senior Risk Management Analyst to help design, build and mature key capabilities within our Information Security Risk Management program. In this role, you will support governance, risk management, privacy, compliance and continuity/disaster recovery (BC/DR) initiatives. We are looking for a strategic thinker who can identify risks, consult with teams on risk remediation, make actionable recommendations, and drive continuous process improvement while ensuring organizational resilience. The ideal candidate is a strategic thinker who takes initiative and is proactive, adaptable, analytical, and highly effective at collaborating with diverse teams to enhance our overall risk management and resilience program.

Requirements

  • Passion for Risk Management.
  • 3+ years of experience in Governance, Risk, and Compliance (GRC) roles; minimum 1 year of direct Business Continuity Planning/Disaster Recovery experience required.
  • Experience conducting Business Impact Assessments (BIA) and developing recovery strategies
  • Excellent analytical skills with the ability to assess complex problems, analyze data, and develop practical solutions.
  • Strong sense of accountability with the ability to work independently with minimal direction and follow-up.
  • Experience in designing controls (capabilities) and measures to determine if controls are operating effectively.
  • Experience with security frameworks such as the NIST Cybersecurity Framework.
  • Strong written and verbal communication skills including the ability to translate technical topics to non-technical audiences.
  • Effectively manage time and prioritize tasks to ensure timely completion of multiple projects while maintaining high quality and attention to detail.
  • Project management skills with the ability to prioritize and manage various tasks, multiple projects simultaneously, and operational deliverables.
  • Willing to be flexible to support the team as needed.
  • High level of integrity, professionalism, and attention to detail.

Nice To Haves

  • Experience with compliance regulations (examples include PCI, HIPAA, NY DFS Regulation 500, NAIC model laws, and privacy)
  • Holds or is working towards one or more of the following certifications: CISSP, CISM, CRISC, or any other related/relevant certifications.

Responsibilities

  • Identify opportunities to streamline and enhance GRC processes. Stay curious and proactive in exploring new solutions and methodologies to improve the organization’s risk management and compliance practices.
  • Execute risk assessments including scoping, threat and risk scenario identification, and all aspects of the risk assessment process. Identify areas of opportunity to reduce residual risk to a level consistent with risk appetite, and collaborate with Risk Management Manager, CISO and other security team members to build out the security capability road map.
  • Support teams in conducting Business Impact Analysis (BIA), assist in planning recovery tests, and provide expert consultation to strengthen business continuity and disaster recovery (BCDR) strategies.
  • Identify and analyze single points of failure in business processes, systems, and infrastructure, and collaborate with relevant stakeholders to implement risk mitigation strategies.
  • Contribute to the management and maturity of our third-party risk management program.
  • Support the Service Organization Control (SOC 2, SOC 1) program through evidence gathering, testing, and coordination with auditors and stakeholders.
  • Execute the security awareness program.
  • Work collaboratively with and support cross-functional teams in assessing and mitigating risks related to regulatory compliance, data privacy, information security, and business continuity.
  • Strong desire to drive efficiencies, make risk-based decisions, implement automation, and recommend and track meaningful KPIs and KRIs.
  • Development and administration of Coterie’s Information Security Program documents including policies, standards, plans and controls library.
  • Ability to work independently on complex programs and assignments with diverse teams and perform other duties as assigned.

Benefits

  • 100% remote
  • Health insurance through Aetna (we pay 100% of premiums)
  • Dental and vision insurance through Guardian (we pay 100% of premiums)
  • Basic life insurance (we pay 100% of premiums)
  • Access to flexible spending account (FSA) or health savings account (HSA) (for those using HSA eligible plans)
  • 401K plan (up to 4% match with immediate vest). Must be 21 years of age or older to participate.
  • Flexible PTO policy offering up to 3 weeks of time off to support onboarding and integration during the first twelve months of employment. After the first year of employment and effective as of the anniversary date, eligibility transitions to up to 4 to 5 weeks of time off annually to recharge and sustain long-term success.
  • 12 company-paid holidays each year
  • Continuing education annual stipend
  • Annual salary estimated between $110,000-120,000 based on national data. Candidates who meet all the minimum requirements and possess additional relevant experience, as outlined in the job description, may be considered for a salary above the midpoint of the above range. Salary is based on internal equity; internal salary ranges; market data/ranges; applicant’s skills; prior relevant experience; degrees or certifications, etc.

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

No Education Listed

Number of Employees

101-250 employees
