Cyber Security Risk Analyst

Magnify is seeking a detail-oriented and proactive Cybersecurity Analyst to join our client's Cybersecurity Governance & Risk Team. In this role, you will be responsible for protecting the organization's information systems and data from cyber threats. The ideal candidate will have a strong understanding of cybersecurity principles, regulatory compliance, and risk management.

Position: Cyber Security Risk Analyst

Employment Type: Contract (12 months with possibility of extension)

Location: Remote - must reside in the USA in Eastern or Central Time Zones

Schedule: Mon - Friday 8-5pm EST

Duties

• Perform required risk assessments following regulations to identify and assess risk as well as reduce controls.
• Analyze threat intelligence data to stay ahead of emerging cyber threats.
• Assist with cyber risk processes including risk classification and deep dives.
• Manage a cyber risk register that is aligned with enterprise risk.
• Conduct regular vulnerability assessments and penetration testing to identify potential risks.
• Cyber Engagement: Work closely with other teams such as the Compliance team to deliver required regulatory activities (ex. DORA).
• Management of Policies and Standards: Responsible for supporting preservation and maintenance, review, and publication of cybersecurity policies.
• Maintain and update security documentation, including policies, procedures, and incident reports.
• Ensure alignment with NIST 2.0 framework.
• Assist in the creation and leading of trainings related to cybersecurity for company employees.
• Improve upon trainings and awareness programs to enhance awareness of cyber threats, trends, and best practices across the organization.
• Other duties as assigned.

Requirements

• Bachelor's Degree in Cybersecurity, IT, or related field
• 3-5 years professional experience in cybersecurity, cyber risk, or governance functions
• Experience with regulatory engagement such as GDPR, DORA, SEC etc.
• Experience with cyber risk frameworks such as NIST CSF
• CISSP, CISM, CRISC, CGEIT Certifications highly preferred!
• Experience with GRC platforms, Archer or ServiceNow is a plus!
• Experience in private equity or financial services industry is highly preferred.
• Demonstrated experience in risk identification, assessment, and reporting.
• Familiarity with threat intelligence frameworks and tools.
• Experience with system security plans and compliance requirements.
• Excellent problem-solving skills and attention to detail.
• Strong communication skills to effectively collaborate with cross-functional teams.

Associate

Contract

Information Technology and Analyst

Financial Services and Investment Banking