Cyber Risk, Compliance & Security Strategy Specialist - Level 3 - Remote

Job Title: Cyber Risk, Compliance & Security Strategy Specialist - Level 3

Role Overview
Seeking a cybersecurity professional to support the development, execution, and monitoring of long-term and short-term cyber risk, compliance, and security strategy initiatives across the information systems and network environment. This role is responsible for helping protect business assets, strengthening business continuity readiness, supporting security governance, and ensuring compliance with corporate, regulatory, and customer requirements.
The ideal candidate will bring hands-on experience in risk assessments, compliance audits, vulnerability assessments, control testing, data analytics, security policy review, stakeholder education, and continuous improvement of cyber defense processes in a dynamic threat landscape.

Key Responsibilities 1. Cyber Risk, Compliance & Security Strategy

• Create, execute, and monitor long-term and short-term cyber risk and compliance strategies aligned to business priorities, corporate requirements, and evolving threat conditions.
• Manage strategy, risk, and compliance activities across information systems, network environments, products, platforms, and supporting security operations.
• Conduct procedures and control activities that support business continuity, operational resilience, and protection of critical assets.
• Promote technology defense concepts, cyber risk strategies, and security methodologies designed to prevent incidents and reduce organizational exposure.

2. Risk Analytics, Assessments & Mitigation

• Perform data analytics on products, code, systems, services, and operational processes to identify cyber risks and opportunities for avoidance, mitigation, or control improvement.
• Translate risk findings into security, compliance, and control requirements for technology builds, solution designs, operational processes, and remediation plans.
• Perform vulnerability assessments and on-demand compliance reviews to identify gaps, prioritize remediation, and monitor closure of risk issues.
• Evaluate effectiveness of deployed security solutions, controls, and processes using measurable indicators and risk-based reporting.

3. Security Compliance, Audit & Control Support

• Manage security compliance activities to ensure corporate, regulatory, and customer requirements are understood, implemented, monitored, and evidenced.
• Perform audits, assessments, and control reviews; document findings, assess impact, and support corrective action planning.
• Provide expertise and feedback on internal control initiatives, audit readiness activities, and compliance documentation.
• Review policies, procedures, standards, and evidence artifacts to ensure alignment with security requirements and governance expectations.

4. Policy Governance, Stakeholder Education & Business Continuity

• Evaluate organizational cybersecurity policies, standards, and guidelines for compliance, effectiveness, and operational applicability.
• Recommend improvements to cyber policies, control practices, security processes, and risk management procedures based on audit results, threat trends, and business needs.
• Educate internal and external stakeholders on security processes, procedures, compliance obligations, and cyber risk management expectations.
• Support business continuity and incident readiness by ensuring security and compliance procedures remain current, practical, and aligned to operational needs.

5. Oversight, Team Coordination & Continuous Improvement

• Manage and coordinate teams supporting cyber risk, compliance, audit, vulnerability assessment, and security governance activities.
• Monitor the evolving threat landscape and assess how emerging risks may impact protected assets, compliance posture, and operational resilience.
• Develop practical improvement recommendations for risk reduction, security control maturity, compliance effectiveness, and audit readiness.
• Prepare clear risk, compliance, audit, and vulnerability reporting for technical stakeholders, business leaders, and governance forums.

Required Skills & Experience Education & Experience

• Associate degree or equivalent experience required; Bachelor s degree preferred.
• Two or more relevant industry certifications preferred, such as CISSP, CISA, CISM, CRISC, Security+, or equivalent risk, audit, compliance, or cybersecurity credentials.
• 7-8 + years of related experience in cyber risk management, security compliance, IT audit, vulnerability assessment, network security, or information security operations.
• Working knowledge of VZ services or similar large-scale enterprise technology, network, or managed services environments.

Technical Capabilities

• Cybersecurity frameworks, risk assessments and management, regulatory compliance, security audits, IT auditing, and security policy frameworks.
• Business planning, IT strategy, enterprise architecture frameworks, change management, priority management, and major incident management.
• Cloud computing, computer security, network administration, vulnerability assessments, control testing, and security compliance monitoring.
• Data analytics for product, code, platform, and operational risk identification, avoidance, mitigation, and reporting.

Soft Skills & Attributes

• Ability to operate in high-pressure incident scenarios
• Strong analytical and investigative mindset
• Excellent stakeholder communication, including interaction with legal counsel and executives
• Ability to bridge offensive, defensive, and intelligence domains
• Strong documentation and reporting skills