Sr Info Security Risk Analyst I - Hybrid

Join Our Team as an Information Security Risk Analyst!

Syneos Health is a leading fully integrated biopharmaceutical solutions organization built to accelerate customer success. We translate unique clinical, medical affairs and commercial insights into outcomes to address modern market realities.

Every day we perform better because of how we work together, as one team, each the best at what we do. We bring a wide range of talented experts together across a wide range of business-critical services that support our business. Every role within Corporate is vital to furthering our vision of Shortening the Distance from Lab to Life.

Discover what our 29,000 employees, across 110 countries already know :

WORK HERE MATTERS EVERYWHERE

Are you passionate about cybersecurity and ready to make a significant impact? We are looking for a talented Information Security Risk Analyst to join our dynamic team at Syneos Health. If you have a keen eye for detail, a deep understanding of security control frameworks, and a drive to stay ahead of the evolving threat landscape, we want to hear from you!

JOB RESPONSIBILITIES

• Serves as a member of the working team for Risk Management within the Governance, Risk, and Assurance (GRA) function.
• Evaluates and manages security exception requests, ensuring compliance with security standards and mitigating associated risks.
• Conducts information security risk assessments of internal processes, and IT solutions as an information security risk subject matter expert.
• Prepares security exception risk profile and reports to relevant stakeholders.
• Collaborates with cross-functional teams to ensure risk management practices align with business objectives and compliance requirements.
• Identifies, analyzes, assesses, monitors, and tracks risks in the information security risk register.
• Monitors, tracks, and manages risk mitigations and exceptions to ensure cyber security policies and standards are established, implemented, and followed.
• Collaborates with internal stakeholders (Security Operations, Technology Solutions, Privacy, Regulatory & Compliance, etc.) as part of the risk management program.
• Participates in ad-hoc, non-systematic risk assessment requests.
• Stays updated with the latest cybersecurity trends, emerging threats, and industry developments to provide proactive risk mitigation recommendations.

Qualifications

QUALIFICATION REQUIREMENTS

• Bachelor's degree in computer science, Information Security, or a related field is required. Relevant certifications such as CISSP, CRISC, or ISO 27001 auditor will be considered as a plus.
• Minimum 3 years' experience working as an Information Security Risk Analyst or in a similar role focused on information security risk management.
• Possess strong process knowledge, and ability to design and / or improve risk management processes.
• Experience in utilizing tools for risk profile data collection is desirable.
• Good knowledge of cybersecurity principles, governance, and regulatory compliance.
• Deep understanding of risk assessment methodologies, vulnerability management, and security control frameworks (e.g., NIST RMF and CSF, ISO 27001, COBIT).
• Familiarity with security controls, technologies, and best practices to mitigate cyber risks.
• Proficient in Microsoft Office (Excel, PowerPoint, Word).
• Demonstrate sound judgment and decision-making skills when dealing with complex cybersecurity risks.
• Strong communication and interpersonal skills to collaborate effectively with cross-functional teams and stakeholders.
• Ability to work independently as well as collaboratively in a team environment, prioritize tasks, and manage time effectively.
• Excellent analytical and problem-solving skills.