Cybersecurity Risk Analyst

Job Description: We are seeking a skilled Cybersecurity Risk Analyst to play a pivotal role in driving our cybersecurity strategy and supporting initiatives aimed at identifying, managing, and ultimately reducing cyber threats. The ideal candidate will act as a key resource in managing internal cyber assessments using industry-based cyber control frameworks, and assist in expanding our cyber risk quantification efforts. This individual will leverage their experience with cybersecurity frameworks such as CRI Cyber Profile, NIST CSF, ISO 27001, and MAS, and will utilize quantitative analysis tools such as ISF's IRAM2, FAIR, and others. They will be responsible for analyzing complex data, providing insights, and making actionable recommendations that align with business and customer needs. Responsibilities: Manage and drive internal cyber assessments using industry-standard frameworks (CRI Cyber Profile, NIST CSF, ISO 27001, MAS, etc.). Expand and enhance cyber risk quantification efforts utilizing tools like ISF's IRAM2 and FAIR. Recommend and implement actions to mitigate cybersecurity risks and ensure adherence to relevant standards. Collaborate with the Information Security team and other organizational units to meet cybersecurity objectives. Identify operational roadblocks and ensure timely remediation through countermeasures. Provide strategic direction and guidance on reports and analyses, ensuring alignment with business needs and capabilities. Escalate high-risk change activities for risk treatment as necessary. Serve as a key consultant for the organization on information security infrastructure and support IT areas and business teams. Analyze risk and controls, understanding the cyber threat environment specific to the financial sector. Focus on continuous improvement of cyber hygiene, control completeness, and overall effectiveness. Qualifications: Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent work experience (Advanced degree preferred). Proven experience in Governance, Risk, and Compliance (GRC) within information security or a related technology domain. Experience in the securities or financial services industry is a plus. Strong experience with business intelligence data analysis and reporting platforms, including SQL, DB2, Power BI, Business Objects, Qlik, Tableau, and Excel/PowerPoint. Expertise in logical and physical database design. Strong analytical, troubleshooting, and problem-solving skills. Self-motivated and able to work independently as well as within a team. Conceptual understanding of the System Development Life Cycle (SDLC). Excellent written and verbal communication skills. Ability to manage time effectively and make decisions in high-pressure situations. If you are a motivated individual with expertise in cybersecurity risk analysis and have the ability to work collaboratively across teams, we encourage you to apply. Join us in strengthening our cybersecurity posture and mitigating risks to safeguard our organization's data and infrastructure.

Created: 2026-03-04