Cybersecurity Risk Analyst

The Cybersecurity Risk Analyst is responsible for identifying, assessing, and mitigating cybersecurity risks across organizational systems, applications, and processes. This role supports security governance, risk assessments, and compliance initiatives to protect organizational assets and ensure alignment with regulatory and industry standards. The position operates fully remotely and requires strong analytical skills, technical cybersecurity knowledge, and the ability to communicate risk effectively to both technical and non-technical stakeholders.

This position is strictly limited to candidates who currently reside in the United States and are legally authorized to work in the U.S. Applications from individuals residing outside the United States will be rejected.

• Conduct cybersecurity risk assessments across infrastructure, applications, and third-party vendors
• Identify threats, vulnerabilities, and security gaps and assess potential business impact
• Develop risk reports, dashboards, and mitigation recommendations for leadership
• Collaborate with IT, compliance, and security teams to implement risk remediation strategies
• Monitor and evaluate cybersecurity controls to ensure effectiveness and compliance
• Support governance, risk, and compliance (GRC) activities and audit preparation
• Maintain risk registers and track remediation efforts to completion
• Analyze security incidents and contribute to post-incident risk evaluations
• Stay current on cybersecurity threats, regulations, and industry best practices
• Assist in developing security awareness and risk management policies

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field
• 3–5 years of experience in cybersecurity, information security, or risk analysis roles
• Strong understanding of risk assessment methodologies and cybersecurity frameworks
• Knowledge of security principles including network security, identity management, and data protection
• Experience with risk management tools or GRC platforms
• Strong analytical and problem‑solving skills
• Excellent written and verbal communication abilities
• Ability to work independently and collaborate effectively in a remote environment

• Professional certifications such as CISSP, CISM, CRISC, Security+, or equivalent
• Experience with cloud security (AWS, Azure, or GCP)
• Knowledge of regulatory requirements (HIPAA, PCI‑DSS, GDPR, etc.)
• Experience conducting third‑party/vendor risk assessments

• Performance-Based Bonus:
  Eligible depending on organizational and security objectives
• Comprehensive medical, dental, and vision insurance
• 401(k) retirement plan with employer matching
• Paid time off, paid holidays, and sick leave
• Life, short‑term, and long‑term disability insurance
• Professional development, security certifications, and training reimbursement
• Employee wellness and assistance programs

• Must be legally authorized to work in the United States
• Must currently reside within the United States
• Applications from candidates outside the U.S. will not be considered