Job Description
We are seeking a Cybersecurity Risk Specialist to join our expanding cybersecurity team. The successful candidate will play a key role in supporting hands-on risk identification and mitigation across internal systems, cloud workloads, and sensitive business processes.
The ideal candidate will have a strong analytical mindset and excellent technical communication skills. They will be responsible for conducting detailed cybersecurity risk assessments aligned to NIST, ISO, and internal methodologies.
This is an exciting opportunity for someone who wants exposure to real-world risk scenarios, security frameworks, and operational risk engineering rather than purely theoretical assessments.
Key Responsibilities
* Facilitate and conduct risk workshops across IT and business teams
* Perform detailed cybersecurity risk assessments aligned to NIST, ISO, and internal methodologies
* Monitor, track, and report on risk treatment plans, KRIs, and KPIs
* Contribute to risk dashboards and executive-level reporting
* Research emerging threats, including AI/ML risk and cloud-related concerns
* Suggest improvements to internal risk frameworks, policies, and governance processes
* Maintain accurate technical notes and documentation of assessment processes
Requirements
* 3+ years in cybersecurity risk management, preferably in regulated industries such as pharma or finance
* Familiarity with NIST RMF, NIST CSF, ISO/IEC 27005, and other cybersecurity risk frameworks
* Understanding of AI/ML risk, data privacy, and emerging regulatory standards
* Strong analytical and reporting skills, with clear technical communication abilities
* Experience supporting cross-functional projects and initiatives
* Comfort working with cloud and hybrid environments
* Demonstrated curiosity and drive to identify risk in complex systems