Senior Cybersecurity Risk Management Analyst

About The Position

Requirements

• Bachelor’s Degree in field related to essential duties; or Associate Degree and 2 years of relevant experience; or High School Diploma or General Education Degree (GED) and 4 years of relevant experience.
• 6+ years of professional experience in a cybersecurity or IT governance, risk, compliance, or operations role.
• 1+ years of experience with cybersecurity risk management.
• Demonstrated experience with security risk management and compliance frameworks (e.g., NIST, ISO, HIPAA).
• Experience evaluating risk rating methodologies to appropriately convey the enterprise cybersecurity posture.
• Demonstrable experience conducting risk assessments and facilitating executive level risk discussions.
• Experience managing cybersecurity risks through the risk management lifecycle, in a globally regulated enterprise a plus.
• Solid grasp of security governance, risk, and compliance concepts.
• Technically proficient in performing assigned duties at a high-level of independence under minimal supervision while working within a team environment.
• Demonstrated leadership skills, ability to influence outcomes in a complex environment, where you may/may not have formal reporting responsibility.
• Excellent communication skills, appropriately adapting based on audience needs, through all mediums–verbal, written, presentation, and listening.
• Able to be agile and work with ambiguity.
• Proficient+ in Microsoft Office programs, such as PowerPoint, Excel, Outlook, and Word.
• Demonstrated ability to perform the essential duties of the position with or without accommodation.
• Authorization to work in the United States without sponsorship.

Nice To Haves

• Relevant certification(s) in the field of cybersecurity, risk, audit, or program/project management.
• Experience contributing to the build and continuous improvement of the risk management environment, in a globally regulated enterprise strongly preferred.
• Experience with enterprise GRC management platforms (e.g., ServiceNow, OneTrust); implementation experience a plus.
• Advanced proficiency in program/project management to drive program build efficiently and effectively.
• Experience in healthcare or biotech industries.

Responsibilities

• Support cybersecurity risk management activities by assisting with defined stages of the risk management lifecycle and completing assigned analyses under established methodologies.
• Maintain and contribute to the global cybersecurity risk register.
• Assist management by providing input to cybersecurity risk appetite discussions and support implementation and enforcement efforts–making it relevant to the business on a day-to-day basis.
• Aggregate and evaluate cybersecurity risks to support management and leadership reporting, ensuring accuracy and consistency for various global audiences.
• Build trust and effectively facilitate risk identification/analysis/treatment discussions.
• Proactively obtain information on emerging risks and threats and effectively analyze against the risk posture.
• Support the delivery of risk management education by preparing materials, reinforcing frameworks, and responding to stakeholder questions.
• Work with leadership to support the prioritization of initiatives aligned with strategic goals.
• Act as a resource providing training, guidance, and mentoring to less experienced staff.
• Collaborate with stakeholders to remediate visibility and capability gaps and breakdown roadblocks standing in the way of a robust security posture.
• Enable the maturation of the security program functions within the cybersecurity team and with key business partners.
• Research and summarize industry insights and best practices, along with interpreting impact of requirements from governing authorities.
• Uphold company mission and values through accountability, innovation, integrity, quality, and teamwork.
• Support and comply with the company’s Quality Management System policies and procedures.
• Maintain regular and reliable attendance.
• Ability to act with an inclusion mindset and model these behaviors for the organization.
• Ability to travel 10% of working time away from work location, may include overnight/weekend travel.

Benefits

• paid time off (including days for vacation, holidays, volunteering, and personal time)
• paid leave for parents and caregivers
• a retirement savings plan
• wellness support
• health benefits including medical, prescription drug, dental, and vision coverage