Overview
Cohesity is the leader in AI-powered data security. Over 13,600 enterprise customers, including over 85 of the Fortune 100 and nearly 70% of the Global 500, rely on Cohesity to strengthen their resilience while providing Gen AI insights into their vast amounts of data. Formed from the combination of Cohesity with Veritas’ enterprise data protection business, the company’s solutions secure and protect data on-premises, in the cloud, and at the edge. Backed by NVIDIA, IBM, HPE, Cisco, AWS, Google Cloud, and others, Cohesity is headquartered in Santa Clara, CA, with offices around the globe. We’ve been named a Leader by multiple analyst firms and have been globally recognized for Innovation, Product Strength, and Simplicity in Design, and our culture.
Want to join the leader in AI-powered data security?
Responsibilities
We are looking for a technically skilled Cyber Risk Senior Analyst to support our cybersecurity risk management program. This individual will play a critical hands-on role in identifying, assessing, and mitigating cyber risks across our technology landscape. This is a great opportunity to build hands-on technical and risk management expertise in a growing, fast-paced technology company. You will gain cross-functional exposure, contribute to meaningful control improvements, and work alongside an experienced cybersecurity team that values collaboration, continuous learning, and practical impact.
* Contribute to the identification, assessment, and analysis of cyber risks across infrastructure, cloud, applications, and business systems.
* Support the implementation and validation of technical controls to mitigate identified risks, working with Security Engineering, IT, and Product teams.
* Maintain and update the cyber risk register, including technical context, likelihood, and potential business impact.
* Assist in the quantification of cyber risks, contributing to probability estimates and business impact modelling.
* Collaborate with control owners to ensure timely remediation and tracking of risk treatment plans.
* Participate in risk scenario modelling to understand potential outcomes and control effectiveness.
* Provide input into security governance forums and assist in the creation of risk dashboards and reports for stakeholders.
* Monitor changes in the threat landscape and internal environments to reassess control effectiveness and risk posture.
* Provide technical support during audits, compliance reviews, and internal risk assessments.
* Promote risk awareness and provide guidance on security control requirements, especially in line with NIST, ISO 27001, and other frameworks.
Qualifications
WE'D LOVE TO TALK TO YOU IF YOU HAVE MANY OF THE FOLLOWING:
* 4–6+ years of experience in cybersecurity, cyber risk analysis, or technical control implementation.
* Practical experience implementing or operating security controls across areas such as endpoint security, vulnerability management, identity and access management, cloud security, or network security.
* Solid understanding of risk management principles, including risk likelihood and impact analysis.
* Familiarity with cyber risk frameworks such as NIST RMF, ISO 27005, or Open FAIR (hands-on experience is a plus).
* Ability to translate technical security issues into risk language understandable by business stakeholders.
* Experience working with GRC platforms (e.g., ServiceNow, Archer, OneTrust) or risk tracking tools.
* Strong written and verbal communication skills, with attention to detail in documentation and reporting.
* Bachelor's degree or equivalent experience in Cybersecurity, Information Technology, Risk Management, or a related field.
* Exposure to risk quantification methods, including FAIR.
* Experience supporting audit, compliance, or cyber insurance processes.
* One or more industry certifications (e.g., CISSP, CISM, CRISC, Security+, ISO 27001 Lead Implementer).
* Experience working in cloud-first or DevOps environments.
* Understanding of relevant regulations and data protection standards (e.g., GDPR, HIPAA, SOX).
Privacy and EEO
Data Privacy Notice for Job Candidates: For information on personal data processing, please see our Privacy Policy.
Equal Employment Opportunity Employer (EEOE): Cohesity is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law. If you require a reasonable accommodation to complete any part of the application process, or need an alternative method for applying, you may contact us at 1-855-9COHESITY or talent@cohesity.com.
In-Office Expectations: Cohesity employees who are within a reasonable commute work out of our core offices 2-3 days a week.
Interested candidates based outside of the designated areas are welcome to apply, provided they have the right to work in the job location.
#J-18808-Ljbffr