Job Openings Cybersecurity Risk Analyst

About the job Cybersecurity Risk Analyst

Job Title: Cybersecurity Risk Analyst
Location: Jersey City, NJ (Hybrid) Also open to candidates in Dallas, TX or Tampa, FL
Experience Level: Mid-Senior
Job Type: Contract
Industry: Financial Services

Position Summary:

We are seeking a Cybersecurity Risk Analyst to join our Information Security Risk team. This role focuses on assessing risks across applications (on-prem and cloud), infrastructure, and third-party vendors through a formalized risk assessment program. The ideal candidate is analytical, technically savvy, and experienced in evaluating cybersecurity risks within enterprise environments.

Candidates with a background in the Financial Services industry will be given preference.

Key Responsibilities:

  • Develop and maintain risk assessment questionnaires tailored to applications and infrastructure (on-prem & cloud).
  • Conduct cybersecurity risk assessments using a defined risk framework and methodology.
  • Identify and document control deficiencies in business processes and technology systems.
  • Partner with IT and business units to communicate risks and agree on findings and mitigation plans.
  • Provide actionable remediation recommendations for identified control gaps.
  • Evaluate and validate management responses to ensure sufficient risk mitigation.
  • Generate assessment reports and risk dashboards for stakeholders.
  • Document risk issues in the designated risk register.
  • Guide stakeholders through policy exceptions and risk acceptance processes.
  • Contribute to process improvements for the risk assessment program.

Required Skills & Experience:

  • 5+ years of risk assessment experience in one or more areas: application, infrastructure, vendor risk management.
  • Strong grasp of Information Risk Management best practices.
  • Technical understanding of infrastructure, networks, databases, systems, and their cybersecurity implications.
  • Experience in the Financial Services industry is a plus.
  • Knowledge of security methodologies, policies, standards, and cybersecurity best practices.
  • Ability to communicate technical concepts to both technical and non-technical audiences.
  • Proficiency with MS PowerPoint and Excel for presentations and data analysis.
  • Strong analytical, critical thinking, and organizational skills.
  • Demonstrated ability to work collaboratively and influence decision-making.
  • Strong writing and communication skills, with the ability to adapt tone for various audiences.

Preferred Education & Certifications:

  • Bachelors degree in a related field preferred.
  • Industry certifications such as CISSP, CISM, CRISC, or CCSP are a plus.

Or refer someone