Cyber Security Risk Analyst

The Cyber Security Risk Analyst is required to join an internal IT Cyber Governance group.

Help drive the Cyber Risk Management program by collaborating with stakeholders and Risk Owners to identify and report Cyber and IT Risks in the IRM Platform. Ensure effective Risk Treatment plans are defined and implemented to control and reduce risks.

This position requires a self-driven individual with sound knowledge of business processes, a good understanding of security or IT technologies, and strong communication skills.

This role offers an opportunity to make a significant impact across the company by participating in and driving a key Risk Management program.

• Over five years of experience integrating security into the business, security risk management, information processes, product security, or business architecture.
• Professional security management certifications such as CISSP, CRISC, CISM, CISA, or similar.

• Correlate and analyze information from internal threat intelligence and incident management teams to identify threats, gaps, and untreated risks.
• Review reports such as HARC, Audit, Cyber exemptions, business impact analyses, and non-compliance issues.
• Utilize this information for risk identification and assessment.
• Collaborate with digital and IT teams to conduct business impact analyses and risk assessments.
• Ensure IRM requests and tickets are processed and resolved promptly.
• Work with the Cyber Risk Manager to design, implement, test, and deploy platform improvements and expansions.
• Ensure updates are made to the CSRM Program by owners to keep it on track and aligned with forecasts.