Cyber Risk Management Analyst
Brooklyn Heights, New York, United States of America
Full Time
2 weeks ago
No Visa Sponsorship
Key skills
CloudCyber SecurityServiceNowBIPower BIJiraLeadershipRisk ManagementCloud Security
About this role
Role Overview
- Drive enterprise cybersecurity risk management by quantifying risks, assessing control effectiveness, and ensuring alignment with NIST 800-53, FISMA, and DOE policies
- Lead enterprise-wide risk assessments, audits, and user awareness programs
- Maintain and manage the enterprise Risk Register and POA&M lifecycle
- Monitor/report critical cyber risks; use dashboards and metrics to inform leadership
- Design security awareness programs and phishing simulations
- Collaborate with engineers and analysts to define compliance guardrails and prioritize remediation activities
- Generate automated risk metrics, heat maps, and executive-level security reports
Requirements
- Applicant must be a U.S. citizen residing in the U.S.
- This position requires obtaining a clearance through the Department of Education. Applicants must be willing to undergo a background check as part of the hiring process.
- Education: Bachelor’s degree from an accredited university or 5-7 years of relevant experience.
- Experience: 3+ years in GRC, third-party risk management, federal compliance (NIST 800-53, 800-37)
- Certifications: (candidates MUST HAVE obtained at least one)
- CISA (Certified Information Systems Auditor)
- CRISC
- CGEIT
- CISSP
- CompTIA Security+
- CCSK (Certificate of Cloud Security Knowledge)
- CAP/ISC2 CGRC
- Technical Skills:
- GRC platforms (Archer/ServiceNow)
- TPRM tools (OneTrust/Prevalent)
- Awareness platforms (KnowBe4/Proofpoint)
- MS Power BI
- Advanced Excel
- JIRA
Tech Stack
- Cloud
- Cyber Security
- ServiceNow
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Retirement Plan (401k, IRA)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)
- Training & Development