Cybersecurity Senior Risk Analyst

Overview

On Site
$DOE
Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - 24 Month(s)

Skills

PCI
ISO 27001/27002
NIST
risk management or cybersecurity risk assessment
SANS
CIS

Job Details

Job Title: Cybersecurity Senior Risk Analyst

Duration: 24 months

Location: Brooklyn, NY

Key Responsibilities:

  • Build new risk processes and implement risk frameworks to enable better monitoring and evaluation of risks across the City;
  • Manage complex, cross-functional projects, pushing through ambiguity and challenges which may arise;
  • Work with stakeholders across various divisions, soliciting input and working through feedback;
  • Evaluate risk of third parties used by New York City agencies;
  • Document and track remediation of risks in the Risk Register;
  • Review and analyze various cybersecurity risk cases, justification, and exceptions documents submitted by agencies;
  • Assist in the development of cybersecurity risk assessment procedures and testing methodologies based on established frameworks and guidelines;
  • Initiate corrective actions to remediate vulnerabilities or weaknesses where necessary;
  • Engage in communications with NYC Agencies;
  • Handle special projects and initiatives as assigned.

Required education and experience:

  • A minimum of 4 years of experience in risk management or cybersecurity risk assessment or 4 years of experience evaluating and managing third parties in a cybersecurity team.

Desirable Skills/Experience:

BS/BA degree in Cybersecurity, Risk Management, Information Systems, Computer Science, or a related field.

One or more of the following certifications are a plus:

  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Information Security Manager (CISM)
  • CompTIA Security+
  • CompTIA Network+
  • CompTIA A+
  • CompTIA CySA+
  • Cisco Certified Network Associate - CCNA
  • CEH: Certified Ethical Hacker
  • GIAC Information Security Fundamentals (GISF)
  • GIAC Security Essentials (GSEC)
  • (ISC)2 Systems Security Certified Practitioner (SSCP)

Ability to work effectively in a team environment.

Highly organized, motivated, and self-directed professional.

Knowledge of hardware, software, data, and network principles and systems related to private and/or public sector services.

Understanding of commonly used computer operating systems, databases, and network structures.

Familiarity with cybersecurity framework(s) (NIST, SANS, PCI, ISO 27001/27002, or CIS).

Investigative and analytical skills.

Excellent oral and written communication skills.

Knowledge of the current and evolving cyber threat landscape.

Knowledge of laws, regulations, policies, and ethics related to cybersecurity and information privacy.
