Job Description

Welcome to TechProjects! We specialize in IT System integration to help with some of the biggest names in the public sectors around New York state. Our company provides exceptional IT solutions for our clients, while also offering top-notch career opportunities for our employees.

At our firm, we work with a diverse range of clients, from cutting-edge startups to established industry leaders.

If you're a tech professional looking for a challenging and rewarding career, we'd love to hear from you. Our company offers competitive salaries, comprehensive benefits packages, and a range of professional development opportunities. Whether you're a seasoned veteran or just starting out in your career, we have a role that's perfect for you.

Thank you for considering our company as your potential employer. We look forward to hearing from you and discussing the exciting opportunities that await you at our firm.

We are hiring ********* Senior Cybersecurity Risk Management Analyst********************

Title: Senior Cybersecurity Risk Management Analyst

Location: Remote

Duration: 12 Months+

Description:

Senior Cybersecurity Risk Management Analyst Consultant

Overview:

Seeking an experienced Cybersecurity Risk Management Analyst Consultant (8-10 years' experience) to lead risk assessment, governance, compliance, and strategic planning. This role involves cyber risk quantification, policy development, regulatory compliance, and third-party risk management (TPRM) while advising leadership on risk mitigation strategies.

Key Responsibilities:

Cybersecurity Risk Management:

• Conduct risk assessments, threat modeling, and impact analysis (BIA) aligned with NIST, ISO 27001, CIS, COBIT, FAIR.
• Maintain risk registers, mitigation plans, and KRI/KPIs for risk tracking.
• Evaluate third-party/vendor security risks and ensure compliance with SOC 2, GDPR, CCPA, HIPAA, PCI-DSS.

Cyber Governance & Policy Development:

• Develop and maintain cybersecurity policies, procedures, and governance frameworks documents.
• Administer GRC platforms (OneTrust, RSA Archer, ServiceNow GRC).
• Collaborate with executives to integrate risk governance into business strategies.

Regulatory Compliance & Audit Management:

• Ensure compliance with GDPR, CCPA, HIPAA, PCI-DSS, SOX, FedRAMP, NYDFS 23 NYCRR 500.
• Collaborate and support internal/external security audits, ensuring adherence to cybersecurity mandates.
• Participate in cyber risk reporting for regulators, auditors, and executive leadership.

Strategic Risk Planning & Mitigation:

• Collaborate on long-term cyber risk strategies, risk treatment plans, and Zero Trust models.
• Provide insights into emerging threats (AI security, ransomware, supply chain risks).
• Enhance business continuity (BC) and disaster recovery (DR) risk resilience.

Qualifications & Skills:

• 8-10 years in Cyber Risk, Governance, Compliance, and Strategic Planning.
• Strong knowledge of NIST CSF, ISO 27001, COBIT, FAIR, and GRC tools (OneTrust, Archer, ServiceNow GRC).
• Experience with third-party/vendor risk management (TPRM), cloud security, IAM, Zero Trust.
• Excellent executive communication, strategic planning, and risk advisory skills.

Nice to Have:

K-12 cybersecurity experience (FERPA, COPPA, CoSN K-12 Cybersecurity Framework).

Knowledge of education data protection laws and compliance challenges.

Certifications (Preferred):

CISSP, CRISC, CISM, CCSK, CGEIT, OneTrust Certified Privacy & Risk Professional.

Education:

Bachelor's or Master's in Cybersecurity, Risk Management, or related field (MBA preferred).

Job Tags

Similar Jobs