×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Data Security

Senior Cyber Risk Analyst

Job in Raleigh, Wake County, North Carolina, 27601, USA
Listing for: First Citizens
Full Time position
Listed on 2026-01-12
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

Overview

The Senior Cybersecurity Risk Analyst is responsible for conducting comprehensive risk assessments for security exceptions, which represent deviations from established information security standard requirements. This role performs deep-dive evaluations of key risk data points, analyzes factors contributing to likelihood and impact, and determines inherent risk exposure. The analyst will also assess the effectiveness of existing and proposed controls, ensuring that risk decisions are well-informed, evidence-based, and consistently documented.

The ideal candidate is a seasoned cybersecurity professional with broad domain knowledge, strong analytical skills, and the ability to communicate effectively with senior leaders across technical and business functions.

Remote eligible.

Responsibilities
  • Risk Assessment of Security Exceptions:
    Conduct end-to-end risk assessments for exceptions to information security standards, including detailed analysis of key risk data points, threat scenarios, and compensating controls. Evaluate likelihood and impact factors using defined methodologies to determine inherent risk ratings. Document assessment results clearly and comprehensively, including rationale, evidence, and recommended risk treatments. Ensure consistency and repeatability in risk scoring across the security exceptions portfolio.
  • Control Effectiveness & Validation:
    Perform control effectiveness assessments on security controls leveraged within risk assessments. Review supporting documentation, evidence, and control designs to ensure applicability to standard exceptions.
  • Evidence Collection & Analytical Review:
    Gather and analyze technical and procedural evidence from system owners, SMEs, and business units. Review architecture diagrams, vulnerability reports, IAM configurations, network flows, and other technical artifacts to inform risk decisions. Maintain high-quality documentation that is audit-ready and aligned with regulatory expectations.
  • Stakeholder Engagement:
    Facilitate conversations with senior leaders, system owners, architects, SMEs, and risk teams to ensure clarity of risk posture and decision-making. Present complex cybersecurity concepts in a clear, concise manner appropriate for both technical and non-technical audiences. Provide subject matter expertise on security exceptions governance, risk methodology, and best practices.
  • Governance & Continuous Improvement:
    Contribute to the enhancement of risk assessment methodologies and operations. Support audit and regulatory inquiries by providing well-structured documentation and risk analysis rationale. Identify opportunities for process and control improvements across the cybersecurity risk and exceptions lifecycle.
Qualifications

Bachelor's Degree and 4 years of experience in Risk management, or financial analysis, or statistical modeling OR High School Diploma or GED and 8 years of experience in Risk management, or financial analysis, or statistical modeling

Required Qualifications:

  • 8+ years of experience in cybersecurity risk management, cybersecurity operations, governance, or related fields.
  • Strong understanding of cybersecurity domains including Threat and Vulnerability Management, Identity & Access Management, Network Security & Architecture, Endpoint Security, Data Protection, and Encryption.
  • Demonstrated experience performing complex risk assessments, control evaluations, and evidence-based risk analysis.
  • Ability to interpret security standards and applicable regulations and frameworks.
  • Proven ability to communicate and influence effectively at all organizational levels, including senior leadership.
  • Strong analytical, critical thinking, and problem-solving skills.
  • Exceptional written communication skills and attention to detail.

Core Competencies:

  • Risk-Based Decision Making:
    Applies structured analysis to determine risk severity and justify recommendations.
  • Technical Aptitude:
    Understands complex systems, architectures, and security controls.
  • Influencing

    Skills:

    Guides stakeholders toward informed risk decisions while maintaining strong relationships.
  • Judgment & Accountability:
    Exercises sound judgment in ambiguous or evolving situations.
  • Qual…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search