Technical Security Risk & Governance Analyst

LingaTech, Harrisburg, PA
Hybrid (posted 1 day ago)

About The Position

The Technical Security Risk & Governance Analyst supports enterprise cybersecurity initiatives by conducting risk assessments, control testing, and governance activities to ensure security controls are effectively implemented and aligned with established regulatory and industry frameworks. This role collaborates across technical and business teams to strengthen security posture, drive compliance, manage risk remediation, and provide actionable reporting to leadership.

Requirements

  • 3 years of experience in information security, risk management, audit, or a related technical role.
  • Knowledge of security frameworks and standards including NIST CSF/800-53, CIS Controls, ISO 27001, and applicable organizational policies.
  • Experience conducting technical assessments and control testing, with proven ability to validate configurations and interpret vulnerability or security scan results.
  • Experience performing data analysis and dashboard development using tools such as Excel or Power BI, along with strong report writing and presentation skills for senior leadership audiences.
  • Experience using Governance, Risk, and Compliance (GRC) platforms to build workflows, maintain control libraries, and manage risk registers.
  • Experience performing risk analysis and documentation, including developing practical risk treatment plans and managing exceptions with compensating controls.

Nice To Haves

  • Industry certifications such as CISSP, CISM, CRISC, CGRC (CAP), Security+, CCSK/CCSP, or CISA.
  • AWS or Azure cloud security certifications.

Responsibilities

  • Conduct technical security risk assessments across on-premises, cloud (IaaS/PaaS/SaaS), and hybrid environments, documenting risks, impact, likelihood, and mitigation strategies.
  • Perform control design and operating-effectiveness testing aligned with frameworks such as NIST CSF/800-53, CIS Controls, and ISO/IEC 27001.
  • Support Authority to Operate (ATO) activities, security attestations, and continuous monitoring efforts.
  • Facilitate threat modeling and security architecture reviews, providing guidance on secure design practices including network segmentation, IAM, least privilege, encryption, and logging.
  • Maintain and update security policies, standards, procedures, and control libraries to align with evolving regulatory and legislative requirements.
  • Map organizational controls to regulatory mandates and track compliance gaps through remediation planning and follow-up activities.
  • Coordinate internal and external audits, including evidence collection, response preparation, and remediation tracking.
  • Administer and maintain Governance, Risk, and Compliance (GRC) tools to manage risks, exceptions, and issue tracking.
  • Establish governance processes for vulnerability management, including SLA tracking, exception handling, and remediation oversight.
  • Conduct third-party and vendor security assessments, review SOC 2 and ISO certifications, and support security requirements in procurement and contracts.
  • Evaluate data protection, encryption, and privacy risks associated with new technologies, procurements, and system changes.
  • Develop dashboards, metrics, and performance indicators to report on risk posture, control maturity, and vulnerability remediation progress.
  • Produce clear, actionable reports and communicate security risks effectively to both technical and non-technical stakeholders.
  • Promote security awareness and provide targeted training related to secure configuration, privacy practices, and third-party onboarding.
  • Provide risk-based guidance during incident response activities, including root cause analysis and corrective action recommendations.
  • Review change requests to assess security impact and ensure appropriate testing, monitoring, and rollback procedures are in place.
  • Collaborate with cross-functional teams to translate technical findings into business risk and prioritized remediation actions.
  • Support governance reporting, policy lifecycle management, and continuous improvement of security and compliance processes.