
Information Security Risk Analyst

Job in Hingham, Plymouth County, Massachusetts, 02043, USA
Listing for: Blue Cross and Blue Shield of Massachusetts, Inc.
Full Time position
Listed on 2026-02-24
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 86310 USD Yearly
Job Description & How to Apply Below

Job Summary

The Security Risk Analyst supports the organization's cybersecurity program by identifying, analyzing, and tracking technology and business risks. This role plays a key part in enabling risk-informed decisions, ensuring that cybersecurity threats are assessed and mitigated in alignment with internal policies and regulatory frameworks.

This role is eligible for our Flex Persona. For candidates local to our Boston, MA and Hingham, MA offices.

What We Need

Blue Cross Blue Shield of Massachusetts (BCBSMA) is looking for a Security Risk Analyst to join the Cybersecurity Governance and Assurance Team. The Security Risk Analyst supports the organization's Cybersecurity program by assisting in maintaining its information security and compliance posture. This involves:

  • Supporting governance, risk management, and control assurance activities.
  • Enabling risk-informed decisions under the direction of senior security professionals.
  • Ensuring that cybersecurity threats are assessed and mitigated in accordance with internal policies and regulatory frameworks.

Your Day to Day

  • Cyber Risk Assessments: Conduct risk assessments on applications, systems, business processes, and third parties using structured methodologies (e.g., NIST 800-30, FAIR).
  • Risk Register Maintenance: Document and track identified risks, vulnerabilities, and findings in the security risk register with appropriate severity and ownership.
  • Threat and Vulnerability Correlation: Collaborate with threat intelligence and vulnerability management teams to map technical exposures to business risks.
  • Risk Scoring and Reporting: Use qualitative and quantitative risk models to assess likelihood and impact; support risk dashboards and executive summaries.
  • Residual Risk Analysis: Work with system and control owners to evaluate control gaps, proposed mitigation plans, and residual risk acceptances.
  • Business Impact Analysis (BIA) Support: Contribute to BIAs by identifying cybersecurity risks affecting mission‑critical business functions and services.
  • Security Consultation: Participate in project and change review processes to identify and advise on emerging risks before go‑live (e.g., cloud migrations, new vendors).
  • Policy & Framework Mapping: Assist in mapping identified risks to NIST CSF, HIPAA, ISO 27001, and other frameworks to ensure controls are adequate.
  • Support for Internal/External Audits: Provide risk documentation and evidence in support of internal audit and external compliance obligations (e.g., SOC 2, HITRUST).
  • Risk Review Coordination: Facilitate recurring risk review meetings with IT, business units, and security leadership to track and update mitigation efforts.

We're Looking for

  • Education: Bachelor's in Cybersecurity, Information Systems, or Risk Management.
  • Experience: 2‑5 years in cybersecurity, risk analysis, or compliance.
  • Certifications: CRISC, CISA, or Security+ preferred.
  • Tools Knowledge: Archer, LogicGate, ServiceNow GRC, RiskRecon, Splunk, Tenable, Excel/Power BI.

What You Bring

  • Detail‑oriented with a strong sense of accountability.
  • Eagerness to learn information security and governance practices.
  • Ability to analyze complex data, identify patterns, and assess risks.
  • Ability to communicate (written & verbal) and collaborate with various business partners to manage enterprise security risks.

What You'll Gain

  • In‑depth knowledge of security governance frameworks, risk management methodologies, and regulatory compliance requirements.
Minimum Education Requirements

High school degree or equivalent required unless otherwise noted above.

Location

Hingham

Time Type

Full time

Salary Range

$86,310.00 - $

The job posting range is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the posted range, and the range may be modified in the future. An employee's pay position within the salary range will be based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, performance, shift, travel requirements, sales or revenue‑based metrics, and business or organizational needs and affordability.

This job is also…
