×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security IT Consultant

Cybersecurity Risk Assessment Analyst, Lead

Job in Baltimore, Anne Arundel County, Maryland, 21240, USA
Listing for: OneMain Financial
Full Time position
Listed on 2026-02-23
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Consultant
Job Description & How to Apply Below
Position: Cybersecurity Application Risk Assessment Analyst, Lead

The Cybersecurity Risk Assessment Analyst is responsible for identifying, assessing, and managing cybersecurity risk associated with enterprise applications used across the organization. This role executes risk assessments according to a defined risk-based schedule, assigns risk tiers, and validates that appropriate security controls are designed and operating effectively in alignment with the assigned risk level.

This position plays a critical role in ensuring that application-related risks are identified early, clearly articulated, and remediated in partnership with control owners and business stakeholders. The Analyst must be able to translate the risks into clear, actionable insights for both technical and non-technical audiences while maintaining audit-ready documentation aligned with regulatory and industry expectations.

The ideal candidate combines strong technical cybersecurity knowledge with sound risk judgment, regulatory awareness, and the ability to balance security requirements with business priorities.

Responsibilities:

  • Perform comprehensive cybersecurity risk assessments of applications in accordance with a defined risk-based assessment schedule.
  • Validate that security controls are appropriately designed and implemented in alignment with assigned risk ratings.
  • Identify control gaps and partner with technology, identity and access management, infrastructure, and business teams to develop and implement remediation plans.
  • Evaluate and assess controls related to:
    • Identity and Access Management (IAM), including MFA, SSO, privileged access, role-based access controls, and access certifications
    • Logging, monitoring, and audit trail capabilities
    • Encryption in transit and at rest
  • Communicate risk findings and recommendations to stakeholders at varying levels of technical expertise, including senior leadership.
  • Contribute to continuous improvement of the application risk assessment methodology, tooling, metrics, and reporting.
  • Develop and maintain metrics to measure program effectiveness and risk trends.
  • Prepare clear, defensible, and audit-ready risk documentation suitable for regulatory review (e.g., NYDFS, NIST, SOC
    2).
  • Support internal and external audits by providing evidence, documentation, and subject matter expertise.
  • Maintain application risk assessment program procedures and documentation.
  • Stay current on evolving cyber threats, regulatory expectations, and industry best practices.

Qualifications:

  • 3–7+ years of experience in cybersecurity risk assessments, IT risk management, control testing, audit, or information security.
  • Strong technical understanding of:
    • Identity and Access Management (IAM)
    • Authentication and authorization controls (MFA, SSO)
    • Logging and security monitoring
    • Encryption standards and key management
    • Application security fundamentals
  • Experience identifying control deficiencies and driving remediation efforts across cross-functional teams.
  • Working knowledge of cybersecurity frameworks and regulations such as, NIST Cybersecurity Framework (CSF), NYDFS 23 NYCRR 500, CIS Controls, SOC 2.
  • Experience preparing documentation suitable for regulatory and audit review.
  • Strong analytical and critical thinking skills with the ability to assess technical risk within a business context.
  • Excellent written and verbal communication skills, including the ability to explain cyber risk to non-technical stakeholders.
  • Ability to manage multiple assessments simultaneously in a structured and organized manner.

Who we Are

One Main Financial (NYSE: OMF) is the leader in offering nonprime customers responsible access to credit and is dedicated to improving the financial well-being of hardworking Americans. Since 1912, we’ve looked beyond credit scores to help people get the money they need today and reach their goals for tomorrow. Our growing suite of personal loans, credit cards and other products help people borrow better and work toward a brighter future.

Driven collaborators and innovators, our team thrives on transformative digital thinking, customer-first energy and flexible work arrangements that grow lives, careers and our company. At every level, we’re committed to an inclusive culture, career development and…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search