Overview
Remote
Depends on Experience
Accepts corp to corp applications
Contract - W2
Contract - 6 Month(s)
Skills
Cyber Security Risk Analyst
NIST
ISO 27001
SOC 2 security frameworks
CISSP
CISA
CRISC
CTPRP
Job Details
Cyber Security Risk Analyst
Location REMOTE / Need consultants local to CA
Tentative Duration - 6 months +
Overview:
The Cyber Security Risk Analyst is primarily responsible for ensuring comprehensive vendor and software risk assessments. The candidate will work closely with Project Management Office teams and IT Procurement to understand requirements and collect information from vendors to complete fully-informed assessments. A secondary responsibility of the Cyber Security Risk Analyst is collection and prioritization of vulnerability scan results for dissemination to other teams.
Key responsibilities:
- Conducts vendor risk assessments and third-party risk management
- Works closely with project teams and IT procurement to determine implementation plan and scope
- Works closely with IT Procurement and software requestors to gather information on desired use cases and available vendor security guidance
- Familiarity with NIST, ISO 27001, and SOC 2 security frameworks
- Strong organizational skills required to inventory and track past assessments and schedule annual reassessments
- Strong understanding of vulnerability management, including CVSS scoring and CVE tracking
- Assignment of risk ratings and identification of mitigations
- Strong report writing and risk communication skills
Requirements:
- B.S. in Computer Science or Cyber Security strongly preferred
- Minimum 5 years providing risk assessment in a medium to large enterprise environment
- CISSP, CISA, CRISC, and CTPRP certifications preferred
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.