Global Technical Talent is a minority-owned staffing firm supporting various sectors across the U.S. The Cyber Security Analyst will evaluate and assess cybersecurity risks associated with new technologies and vendor solutions, focusing on risk assessment, vendor security review, and governance support to ensure compliance with security standards.
Responsibilities:
- New Technology & Solution Security Reviews:
- Security Attestation & Third-Party Assessment:
- Third-Party Risk Management (TPRM) Program Support: Assist in developing and enhancing the statewide TPRM program. Utilize tools such as Black Kite for vendor monitoring, risk scoring, and vendor tiering. Support development of policies, templates, and processes that improve third-party risk evaluation.
- Governance, Risk & Compliance (GRC) Platform Support: Utilize the Archer IRM platform to document risk assessments, waiver reviews, and remediation tracking activities. Contribute to workflow improvements, data accuracy, and reporting capabilities to strengthen enterprise risk governance.
- Waiver Review & Technical Risk Analysis: Assist with evaluating cybersecurity waiver requests that require deeper technical analysis. Document findings, assess potential impacts, and recommend mitigation strategies for risk acceptance decisions.
- Risk Register Management & Remediation Tracking: Maintain the statewide security risk register, ensuring risks are properly documented and categorized. Track remediation progress, validate completion of mitigation efforts, and escalate overdue remediation tasks when necessary.
Requirements:
- Demonstrated experience in cybersecurity analysis, risk evaluation, or security architecture review
- Experience reviewing vendor or third-party security documentation and identifying control gaps
- Experience supporting technology security assessments or risk management initiatives
- Strong analytical and documentation skills with the ability to communicate risk findings effectively
- Cybersecurity principles and best practices
- Knowledge of security frameworks such as NIST CSF and NIST 800-53
- Vendor and third-party risk assessment
- Experience working with government cybersecurity environments (local, state, or federal)
- Experience using Governance, Risk, and Compliance (GRC) platforms such as Archer
- Experience working with third-party risk monitoring tools such as Black Kite