Summary
Senior Risk Management Analyst responsible for leading enterprise cybersecurity risk management initiatives, designing assessment methodologies and operational standards, and serving as a trusted advisor to senior leadership. This role directs third-party risk assessments and audit engagements while aligning risk activities with strategic business objectives. The position operates in a hybrid setting and influences enterprise GRC platform implementations and integrated control frameworks.
Responsibilities
- Design comprehensive assessment methodologies for enterprise cybersecurity risks
- Develop operational standards and quality criteria for risk management processes
- Create operational workflows that maintain audit trail integrity and regulatory compliance
- Implement integrated controls across multiple technology and business domains
- Manage third-party risk assessments and external audit engagements
- Serve as primary liaison with external auditors and risk stakeholders
- Lead senior stakeholder workshops and facilitate decision-making on risk tolerance and treatment
- Coordinate cross-functional risk initiatives across Security, IT, Legal, and Business teams
- Contribute to strategic vision and roadmap for Enterprise Risk Management
Requirements
- Minimum of 6 years of cybersecurity risk management experience
- Proven experience designing and implementing enterprise-level risk methodologies
- Experience managing external audit engagements and vendor security evaluations
- Bachelor's or Master's degree in a related field, or equivalent experience
- Knowledge of frameworks such as NIST CSF, ISO 27001, NIST RMF, SOC 2, PCI DSS
- Experience with operational workflow design and process optimization for risk management
- Strong stakeholder management and communication skills, including presentations
- Ability to make significant commitments within enterprise governance structures