Cybersecurity Risk Analyst Role
We are seeking a Cybersecurity Risk Analyst to support hands-on risk identification and mitigation across internal systems, cloud workloads, and sensitive business processes.
Key Responsibilities include facilitating and conducting risk workshops across IT and business teams, performing detailed cybersecurity risk assessments aligned to NIST, ISO, and internal methodologies, monitoring, tracking, and reporting on risk treatment plans, KRIs, and KPIs. Additionally, you will contribute to risk dashboards and executive-level reporting, research emerging threats, including AI/ML risk and cloud-related concerns, and suggest improvements to internal risk frameworks, policies, and governance processes.
This role is ideal for someone who wants exposure to real-world risk scenarios, security frameworks, and operational risk engineering rather than purely theoretical assessments. You will have the opportunity to work with cross-functional projects and initiatives, and be comfortable working with cloud and hybrid environments.
You should have 3+ years in cybersecurity risk management, preferably in regulated industries such as pharma or finance. Familiarity with NIST RMF, NIST CSF, ISO/IEC 27005, and other cybersecurity risk frameworks is also required. Strong analytical and reporting skills, with clear technical communication abilities, are essential. Experience supporting cross-functional projects and initiatives, and comfort working with cloud and hybrid environments, are also required.