×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Consultant Data Security

Cyber Risk Analyst III

Job in Raleigh, Wake County, North Carolina, 27601, USA
Listing for: First Citizens
Full Time position
Listed on 2026-01-09
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, Data Security
Job Description & How to Apply Below

Overview

This position provides cybersecurity risk management and expert support at the highest level of cybersecurity governance and oversight, with primary responsibility for cyber risk identification and mitigation across the organization. The role evaluates risks, identifies control gaps, and partners with stakeholders to implement mitigation strategies that strengthen the organization’s security posture. Serves as a subject matter expert in risk assessment practices and cybersecurity domains, contributes to broader cyber risk oversight, recommends and monitors enhancements to processes and procedures, and provides reporting and analysis in support of strategic objectives.

Responsibilities

Cyber Risk Assessments – Leads and executes cybersecurity risk assessments across cyber domains, business units, and technology environments. Evaluates control effectiveness against established frameworks and regulatory expectations, identifies risk exposures, and documents findings in clear, actionable terms.

Risk Identification and Mitigation – Identifies potential risks across operational, technology, and regulatory domains. Works with stakeholders to define and track remediation plans, ensuring timely and effective resolution of identified issues. Facilitates risk mitigation strategies aligned to business objectives and regulatory standards.

Framework Application – Applies industry-standard frameworks (e.g., NIST Cybersecurity Framework (CSF), NIST SP 800-53, ISO 27001, FFIEC guidelines) to assess and benchmark the organization’s risk posture. Conducts gap analyses, interprets requirements, and provides recommendations for closing compliance or control gaps.

Cyber Technical Expertise – Leverages strong technical knowledge of core cybersecurity domains (e.g., identity and access management, network security, cloud security, endpoint protection, vulnerability management, and security architecture) to effectively assess risks and validate control implementation. Provides informed insights on technical risk mitigation strategies.

Stakeholder Partnership – Collaborates with business, technology, and control owners to communicate assessment results, educate stakeholders on risk management expectations, and promote awareness of cybersecurity risks. Supports a culture of accountability and continuous improvement in risk management practices.

Monitoring and Reporting – Develops and maintains risk assessment reports and dashboards. Communicates trends, patterns, and emerging risks to leadership, providing transparency into the organization’s cyber risk profile. Tracks remediation progress, escalates overdue actions, and highlights areas requiring additional oversight.

Continuous Improvement – Maintains awareness of changes in industry standards, threat landscape, and regulatory requirements. Incorporates emerging practices into the organization’s risk assessment methodology, ensuring assessments remain relevant and effective.

Remote eligible.

Qualifications
  • Bachelor’s Degree and 6+ years of experience in cyber risk management or cyber risk oversight OR High School Diploma or GED and 10+ years of experience in cyber risk management or cyber risk oversight
  • Direct experience performing cybersecurity risk assessments, including scoping, evaluation, gap analysis, and reporting
  • Strong knowledge of cybersecurity frameworks such as NIST CSF, NIST SP 800-53, ISO 27001, and FFIEC guidance, with demonstrated ability to apply them in complex organizations
  • Demonstrated technical expertise across cybersecurity domains including IAM, security architecture, network and cloud security, endpoint protection, and vulnerability management
  • Experience identifying risks, defining remediation strategies, and partnering with stakeholders to reduce risk exposure
  • In-depth practical knowledge of internal controls, cybersecurity processes, and risk management methodologies
  • Excellent written and oral communication skills, with ability to influence stakeholders and communicate effectively at multiple levels
  • Professional certifications such as CISSP, CISA, CISM, CRISC, or similar
Preferred Qualifications
  • 7–10 years of experience in cybersecurity risk…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search