×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security IT Business Analyst

Cyber Risk Analyst

Job in Addison, Dallas County, Texas, 75001, USA
Listing for: Semperis
Full Time position
Listed on 2025-12-28
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Business Analyst
Salary/Wage Range or Industry Benchmark: 90000 - 120000 USD Yearly USD 90000.00 120000.00 YEAR
Job Description & How to Apply Below

At Semperis, our mission is to be a Force for Good. Starting with being a great place to work. We believe that when people feel valued, supported, and empowered, they do their best work. That’s why we focus on creating an employee experience rooted in purpose, growth, and balance. Semperis has been recognized as one of America’s Fastest-Growing Cybersecurity Companies by the Inc.

5000, a DUNS 100 Top Startup to Work For, and a multi-year Inc. Best Workplace awardee.


** Please Note all Requirements! Hybrid role


** We cannot sponsor at this time

Semperis is looking for a detail-oriented and analytical Cyber Risk Analyst to join our Security & Risk team. In this role, you will play a crucial part in safeguarding the organization's assets and ensuring operational resilience by identifying and assessing potential Cyber Risks of all incoming vendors, third parties, services, and technology. You will collaborate with cross-functional teams and third-party vendors and providers, to request, collect, and analyze pertinent information and collateral, assess Cyber Risks, and recommend or require effective Cyber Risk control strategies.

Position

Summary

The Technology Risk Analyst is responsible for protecting the organization by identifying, assessing, and mitigating risks across our technology environment, including applications, infrastructure, and third-party vendors. They use data and analytical models to forecast potential outcomes, advise management on strategic decisions, and develop control plans to minimize losses. A critical function of this role is to manage technology risk ensuring all deviations from policy & standards are properly documented, compensated, and reviewed.

This role requires strong familiarity with GRC concepts, modern GRC tools, and hands‑on experience in risk analysis mitigation and compliance assurance.

Key Responsibilities

  • Risk Identification & Assessment: Conduct technology risk assessments across new and existing applications, Review submitted risk exception requests, validate technical necessity, evaluate proposed compensating controls, and assign residual risk ratings (High, Medium, Low).

  • Documentation: Ensure comprehensive, auditable documentation is maintained for all approved, denied, and conditionally approved exceptions, including mandatory review dates and resolution plans.

  • Data Analysis and Modeling
    :
    Collect, process, and interpret multiple sources of data to model Cyber Risk scenarios, forecast potential outcomes, and evaluate Cyber Risk exposure. Translate technical findings into clear, measurable business risk statements for audience in multiple disciplines including leadership, customers and technical delivery teams.

  • Monitoring: Track risk plan milestones and drive issue management initiating timely follow‑ups with Business Owners to ensure our controls are adequate, compliance is assured and overall risk goals are met.

  • Remediation Support: Develop mitigation strategies, recommend strategies to reduce, transfer, or avoid identified Cyber Risks - such as implementing new policies, controls, or processes. Collaborate with other teams to define and prioritize remediation efforts based on risk severity and business impact.

  • Process improvement: Improve and automate Risk management process, working with the security and risk leadership teams.

Third Party Risk Management (VRM)

  • 3rd party Due Diligence: Perform security assessments of new and existing third‑party vendors and service providers, reviewing security attestations (e.g., SOC 2, ISO 27001) and security questionnaires.

  • Risk Analysis: Assess incoming compliance artifacts provided by third parties and research external sources to develop comprehensive risk assessments including risk scoring metrics.

  • Risk Reporting: Document and communicate inherent and residual risks associated with vendor reliance and data handling practices. Prepare detailed reports, summaries, and presentations for management and stakeholders to communicate findings, recommendations, and trends.

GRC Automation & Process Improvement

  • Tooling: Utilize and manage the corporate GRC platform and risk management tools to streamline risk workflows, automate…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search