REMOTE - Security Risk Analyst

  • Posted 9 hours ago | Updated 9 hours ago

Overview

Remote
Depends on Experience
Contract - W2

Skills

security
risk
assessments
NIST
ISO
risk management
cyber
KRI
analyst

Job Details

100% REMOTE - Security Risk Analyst opportunity!

Our client is seeking an experienced Security Risk Analyst for a long-term contract opportunity. This position is 100% Remote.

Job Description:
We are seeking an experienced Security Risk Analyst to support our Information Security organization. This role will be critical in advancing key security risk management projects and initiatives. The focus will be on enhancing our Security Risk Management Program, specifically related to IT and Security risks.

The Analyst will participate in security risk assessments (internal and external) and will play a key role in driving improvements to our security framework maturity and identifying/measuring risks. This is a hands-on role requiring strategic thinking, strong collaboration skills, and experience in cyber risk management frameworks and best practices.

Responsibilities:

  • Assist in performing comprehensive security risk assessments, focusing on Security and IT.
  • Lead the identification of Security and IT risk management and mitigation efforts and document the results.
  • Collaborate closely with cross-functional teams and lines of business to ensure Security and IT risks and issues are effectively remediated.
  • Maintain risk registers, metrics reports, and other Security and IT risk management documentation.
  • Identify, track, and report on Security- and IT-related KPIs (Key Performance Indicators) and KRIs (Key Risk Indicators), providing actionable insights to leadership at all levels.
  • Lead efforts to align with stakeholders at all levels to ensure a comprehensive Security and IT risk management approach.
  • Develop and maintain comprehensive IT and Security risk management procedures, reports, and documentation.
  • Support security framework maturity efforts, such as process improvements and cyber risk quantification.
  • Lead initiatives that enhance cyber risk reduction across the organization.
  • Stay up to date on the latest security risks and threats, risk management trends, and industry best practices.

Qualifications:

  • At least 7 years of experience in IT and security risk management.
  • At least 5 years of experience conducting security risk assessments.
  • At least 3 years of experience communicating and presenting to senior-level management.
  • Experience with risk assessment methodologies and understanding risk assessment processes.
  • Experience developing and reporting on KRIs (Key Risk Indicators).
  • Knowledge of industry-standard security frameworks, such as NIST CSF, NIST RMF, ISO, or CIS.
  • Relevant certifications (e.g., CRISC, CISM, CISSP) are highly desirable.
  • Experience with risk management platforms and tools.
  • Excellent communication, analytical, critical thinking, and interpersonal skills.
  • Ability to work independently and as part of a team.
