Senior Information Security Risk Analyst

  • Posted 20 hours ago | Updated moments ago

Overview

Remote
$60 - $70
Contract - W2
Contract - 12 Month(s)

Skills

Information risk management
Standards governance
IT compliance
NIST CSF
NIST 800-53
ISO 27001
CIS Controls
SharePoint
GRC platforms
PMP
CISSP
CRISC

Job Details

We are seeking a Senior Information Security Risk Analyst to support the review, update, and risk assessment of enterprise cybersecurity standards. This role will be central to facilitating cross-functional stakeholder engagement, evaluating technical and operational impact, documenting risk decisions, and guiding standards through the established change management process.

Key Responsibilities:

  • Facilitate the review of the lifecycle of cybersecurity standards.
  • Conduct and document business impact assessments (BIA) for proposed updates to the cybersecurity standards, focusing on operational, compliance, and support implications.
  • Partner with SMEs in Cybersecurity, IT, Compliance, and Audit to validate revisions.
  • Coordinate and document working sessions, gather stakeholder feedback, and align final decisions.
  • Draft, edit, and version-control cybersecurity operational and technical standards documentation.
  • Maintain clear and audit-ready documentation of change rationale, versioning, and governance approvals.
  • Support communication and training coordination planning for standards with operational impact.
  • Track and report status across multiple concurrent standards updates.
  • Ensure all work aligns with Cybersecurity Standards Management Platform processes and NIST CSF-aligned control frameworks.

Required Skills & Experience:

  • 7+ years in information risk management, standards governance, or IT compliance roles
  • Strong understanding of IT infrastructure, enterprise operations, and risk impact assessment methodologies
  • Experience conducting or supporting business impact assessments (BIA) (technical and business)
  • Proficient in project facilitation, stakeholder engagement, and governance coordination
  • Excellent technical writing skills for standards, procedures, and governance risk documentation
  • Working familiarity with frameworks such as NIST CSF, NIST 800-53, ISO 27001, or CIS Controls
  • Experience using tools like SharePoint or GRC platforms
  • PMP, CISSP, CRISC, or similar certification is a plus

Ideal Candidate Profile:

  • Able to translate standards changes into operational and risk-oriented impacts.
  • Comfortable working independently while coordinating across multi-disciplinary teams.
  • Strong attention to detail, strong organizational skills, and commitment to documentation quality and follow-through.
  • Thrives in a structured, process- and governance-driven environment.